Nuacht

The Hacker News1 lá

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

ERMAC was first documented by ThreatFabric in September 2021, detailing its ability to conduct overlay attacks against ...
The Hacker News1 lá

Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware

EncryptHub exploits CVE-2025-26633 with social engineering and rogue MSC files, delivering Fickle Stealer malware.
The Hacker News2 lá

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation ...
The Hacker News3 lá

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Defend against PhantomCard, SpyBanker, and KernelSU exploits—secure banking, block NFC fraud, and stop Android malware today.
The Hacker News2 lá

Zero Trust + AI: Privacy in the Age of Agentic AI

Because once an agent becomes adaptive and semi-autonomous, privacy isn't just about who has access to the data; it's about ...
The Hacker News1 lá

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

UAT-7237 exploits unpatched Taiwan servers using SoundBill, Cobalt Strike, and SoftEther VPN for persistent control.
The Hacker News4 lá

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

ShinyHunters and Scattered Spider are teaming up in a coordinated Salesforce phishing and extortion campaign, with ...
The Hacker News2 lá

New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks

MadeYouReset exploit bypasses HTTP/2 Rapid Reset mitigations, affecting major servers and enabling large-scale DoS attacks.
The Hacker News3 lá

Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses

The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South ...
The Hacker News2 lá

Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon's Reach to Linux and macOS

The bespoke Cobalt Strike Beacon loader has been codenamed ReadNimeLoader. CrossC2, an unofficial Beacon and builder, is ...
The Hacker News4 lá

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in ...
The Hacker News3 lá

Have You Turned Off Your Virtual Oven?

EASM and DRP tools automate asset discovery and threat monitoring, reducing breach risk from hidden digital exposures.