The Hacker News

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

CISA warns of active exploitation of Sierra Wireless router flaw allowing remote code execution via unrestricted file upload.
The Hacker News

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple fixes two exploited WebKit bugs targeting specific users, issuing security updates across iOS, macOS, and Safari.
The Hacker News

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Researchers detail new AI and phishing kits that steal credentials, bypass MFA, and scale attacks across major services.
The Hacker News

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

Enterprises rely on browser-based GenAI, increasing data-exposure risks and demanding strict policies, isolation, and ...
The Hacker News

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CISA reports active exploitation of GeoServer XXE flaw CVE-2025-58360 and directs immediate updates to secure affected ...
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency ...

CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
The Hacker News

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Vendors fix critical flaws across Fortinet, Ivanti, and SAP to prevent authentication bypass and remote code execution.
The Hacker News

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...
The Hacker News

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Sophos reports STAC6565 targeting nearly 40 victims, with 80% of attacks hitting Canadian firms and involving QWCrypt ...
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.
The Hacker News

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

WIRTE expands AshTag espionage operations, using phishing & DLL sideloading to target Middle East govts with persistent ...