News

The Hacker News2h
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an ...
The Hacker News4h
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol dismantled six DDoS-for-hire services, arrested four, seized nine domains—disrupting attacks since 2022.
The Hacker News4h
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote ...
The Hacker News20h
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
CVE-2025-27007 exploited in OttoKit WordPress plugin before v1.0.83 enables admin creation without authentication.
The Hacker News22h
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
All four vulnerabilities have been rectified by SysAid with the release of on-premise version 24.4.60 b16 in early March 2025 ...
The Hacker News22h
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
The exploitation of CVE-2025-29824 also points to the trend of ransomware actors using zero-days to infiltrate targets. Last ...
The Hacker News22h
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
A new report Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection analyzing gaps in SSE implementations ...