The Hacker News6h
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Comeback and More
Companies need to rethink how they protect their private and public use of AI and how they defend against AI-powered attacks.
Ivanti patches serious Connect Secure flaw
Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was ...
CISA adds Ivanti Connect Secure vulnerability to KEV catalog
CVE-2025-22457 is a critical stack buffer-overflow vulnerability that Ivanti had initially assessed as a low-level product ...
Google fixes Android zero-days exploited in attacks, 60 other flaws
Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited ...
Malicious VSCode extensions infect Windows with cryptominers
Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting ...
Infosecurity Magazine3h
Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign
Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight ...