The Hacker News

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The Darcula phishing-as-a-service (PhaaS) platform has introduced generative AI (GenAI) capabilities, significantly enhancing its accessibility and effectiveness for cybercriminals.

Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

A critical vulnerability (CVE-2025-34028) in Commvault Command Center Innovation Release (versions 11.38.0 through 11.38.19) allows unauthenticated remote attackers to execute arbitrary code.

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

A widespread and ongoing SMS phishing (smishing) campaign has been targeting toll road users across eight U.S. states since mid-October 2024. The campaign impersonates electronic toll systems.

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.

New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs

Researchers detailed four different vulnerabilities in a core component of the Windows task scheduling service, which local attackers could exploit to achieve privilege escalation and erase logs to cover up evidence of malicious activities.

Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users

Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks

Researchers unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024.

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that's designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens.

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change.

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems.
