资讯

The Hacker News1 小时
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
Government agencies are continuously targeted by advanced persistent threats (APTs) from nation-state adversaries, requiring ...
The Hacker News2 小时
Identity-First Security: A Multilayered Approach to Reducing Identity Attack Risk
Identities are today’s top attack vector. Here's how to build a layered security approach that reduces privilege risk across ...
The Hacker News6 小时
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called ...
The Hacker News2 天
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation
To that effect, the U.S. Department of Justice (DoJ) said it seized four domains and their associated server facilitated the ...
The Hacker News2 天
ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach
ConnectWise breached by suspected nation-state actor in May 2025; Google Mandiant leads probe; flaw CVE-2025-3935 patched ...
The Hacker News2 天
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data
New Rust-based EDDIESTEALER spreads via fake CAPTCHA pages, stealing credentials and bypassing Chrome encryption.
The Hacker News3 天
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based ...
The Hacker News3 天
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has ...
The Hacker News1 天
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Linux vulnerabilities CVE-2025-5054 and CVE-2025-4598 let local attackers extract sensitive data via SUID core dumps.
The Hacker News4 天
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
DragonForce exploited three SimpleHelp CVEs to hijack an MSP’s RMM tool, steal data, and deploy ransomware on customer ...
The Hacker News4 天
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
CVE-2025-47577 flaw in TI WooCommerce Wishlist lets unauthenticated attackers upload malicious files—no patch yet, 100K+ ...
The Hacker News3 天
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Fake AI installers for ChatGPT and InVideo deliver ransomware and info-stealers via SEO scams and social ads, targeting ...