News

The Hacker News5h

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.
The Hacker News7h

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

UpCrypter phishing since Aug 2025 uses fake voicemails, RAT payloads, and anti-analysis, hitting global industries.
The Hacker News14h

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Transparent Tribe targets Indian government using weaponized .desktop files since 2022, enabling persistence and credential ...
The Hacker News10h

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that ...
The Hacker News15h

ShinyHunters Data Breach vs. SaaS: Why Dynamic Security Matters

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for ...
The Hacker News14h

The New Mindset: Platforms Over Products

Traditional tools fail; Keeper CEO highlights zero trust, least privilege, and AI automation reshaping defense.
The Hacker News5h

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 is assessed to share tactical and tooling overlaps with a known Chinese hacking group called Mustang Panda, which is also tracked as BASIN, Bronze President, Camaro Dragon, Earth Preta, ...
The Hacker News11h

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

Organizations detected only 1 in 7 attacks in 2025; log failures, misconfigurations, and performance issues left systems ...