The Hacker News

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection ...
The Hacker News

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Huntress reports widespread SonicWall VPN compromises and Akira ransomware exploits amid firewall backup leaks.
The Hacker News

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business ...
The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Fortinet warns Stealit malware uses Node.js SEA and fake installers to deliver stealers, RATs, and persistence.
The Hacker News

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

Huntress reports active exploitation of Gladinet CVE-2025-11371, exposing system files and enabling remote code execution.
The Hacker News

Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries

"Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher ...
The Hacker News

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

CVE-2025-10035 concerns a case of deserialization vulnerability in the License Servlet that could result in command injection ...
The Hacker News

From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the ...
The Hacker News

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and ...
The Hacker News

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a ...
The Hacker News

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to ...
The Hacker News

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats evolve fast—blending AI, social engineering, and cloud attacks. Stay informed with practical insights to build ...