News

The Hacker News2h
Security Tools Alone Don't Protect You — Control Effectiveness Does
Security has never been about simply having the right tools. It is about understanding whether those tools are ready for the ...
The Hacker News3h
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
MirrorFace deployed ROAMINGMOUSE and updated ANEL malware in March 2025 to target Japan and Taiwan's government systems ...
The Hacker News6h
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an ...
The Hacker News7h
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol dismantled six DDoS-for-hire services, arrested four, seized nine domains—disrupting attacks since 2022.
The Hacker News8h
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote ...
The Hacker News8h
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) ...
The Hacker News23h
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
CVE-2025-27007 exploited in OttoKit WordPress plugin before v1.0.83 enables admin creation without authentication.