The Hacker News

From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage Tools

China-linked hackers exploited multiple CVEs in April 2025 to target global entities with advanced persistence.
SDxCentral

‘Very Few Will Escape’ Log4j, Threat Researchers Say

Cybersecurity professionals and IT vendors spent the weekend scrambling to shore up systems before hackers exploited a zero-day vulnerability in the popular Apache Log4j open source logging tool.
Dark Reading

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

A threat group is exploiting a critical, easily exploitable PHP bug for remote code execution (RCE) in living-off-the-land style ransomware attacks that target businesses and individuals running both ...