资讯

The Hacker News1 天
FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering
Scattered Spider targets airlines with advanced social engineering and MFA bypass tactics. Industry must reassess identity ...
The Hacker News2 天
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
China-linked hackers use compromised SOHO devices in espionage campaign, targeting Taiwan, the U.S., and Southeast Asia.
The Hacker News1 天
Facebook's New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns
Meta's new AI feature requests photo uploads from users for personalized suggestions, sparking privacy concerns.
The Hacker News2 天
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer ...
The Hacker News3 天
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.
The Hacker News2 天
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and ...
The Hacker News3 天
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
SaaS platforms lack comprehensive data protection, exposing organizations to data loss, compliance risks, and cyberthreats.
The Hacker News4 天
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
The disclosure comes as Citrix patched a critical-rated security flaw in NetScaler (CVE-2025-5777, CVSS score: 9.3) that ...
The Hacker News1 天
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Citrix releases urgent patches for CVE-2025-6543 in NetScaler ADC, a critical flaw affecting multiple versions. CVSS score ...
The Hacker News2 天
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
ClickOnce is offered by Microsoft as a way to install and update Windows-based applications with minimal user interaction. It ...
The Hacker News4 天
Beware the Hidden Risk in Your Entra Environment
Guest users in Entra ID may exploit billing roles to create and control subscriptions, escalating access undetected.
The Hacker News4 天
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Contagious Interview, first publicly documented by Palo Alto Networks Unit 42 in late 2023, is an ongoing campaign undertaken ...