The Hacker News49 分钟
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the ...
The Hacker News19 小时
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
DHS terminates advisory committees, including CSRB, halting investigations into Chinese cyberattacks and AI safety.
The Hacker News19 小时
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Critical SonicWall zero-day (CVE-2025-23006) in SMA 1000 appliances fixed. Rated 9.8 CVSS; patch now to prevent active ...
The Hacker News21 小时
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...
The Hacker News20 小时
New Research: The State of Web Exposure 2025
New research by web exposure management specialist Reflectiz reveals several alarming findings about the high number of ...
The Hacker News20 小时
QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features
The BC malware has also been the subject of an independent analysis by Sophos, which attributed the artifacts to a threat ...
The Hacker News16 小时
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads
HellCat and Morpheus ransomware share identical code, relying on the Windows Cryptographic API for encryption.
The Hacker News13 小时
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Rare malware targets Juniper routers in the J-magic campaign, exploiting JunoOS and impacting industries like IT, energy, and manufacturing.
The Hacker News15 小时
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Seven vulnerabilities, including BootHole and PixieFail, in Palo Alto firewalls risk Secure Boot integrity and enable sophisticated attacks.
The Hacker News19 小时
How to Eliminate Identity-Based Threats
Modern authentication technologies eliminate identity-based threats, including phishing and credential theft, impacting 90% ...