The Hacker News11h
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
VanHelsing RaaS launched March 7, 2025 with 3 victims using a $5,000 deposit model, expanding cyber threats across multiple ...
The Hacker News11h
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
Microsoft launches inline data protection in Edge, preventing data leaks in GenAI apps and boosting enterprise security.
The Hacker News8h
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code ...
The Hacker News18h
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Next.js flaw CVE-2025-29927 bypasses authorization checks in versions 12.3.5 to 15.2.3, risking admin page access.
The Hacker News16h
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Ransomware in VSCode extensions triggers PowerShell payload to encrypt test files; developers warned to strengthen security.
The Hacker News21h
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed
CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking ...
The Hacker News21h
The Surprising Gap in DDoS Protections: How Attackers Continue to Exploit DDoS Vulnerabilities
DDoS vulnerabilities are hidden within all DDoS protection solutions – i.e., they are mostly located in the security policies ...
The Hacker News18h
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
China-linked APT Aquatic Panda targeted 7 organizations in a 10-month espionage campaign using five malware families.
The Hacker News1d
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
U.S. Treasury lifts Tornado Cash sanctions after Fifth Circuit ruling, removing 100+ ETH wallets to bolster digital asset ...
The Hacker News2d
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Kaspersky reveals Head Mare and Twelve join forces targeting Russian entities via vulnerabilities and new tools, escalating ...
The Hacker News3d
UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools
UAT-5918 has attacked Taiwan infrastructure since 2023 using web shells and open-source tools to steal credentials.
The Hacker News7d
âš¡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Critical router breaches, stealthy PyPI malware, powerful new ransomware decryptors—this week's top cyber threats decoded ...