The Hacker News19 h
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
"Affected versions of meta-llama are vulnerable to deserialization of untrusted data, meaning that an attacker can execute ...
The Hacker News19 h
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Critical SonicWall zero-day (CVE-2025-23006) in SMA 1000 appliances fixed. Rated 9.8 CVSS; patch now to prevent active ...
The Hacker News2 j
2025 State of SaaS Backup and Recovery Report
This article shares critical findings from the 2025 State of SaaS Backup and Recovery Report, which gathered data from over 3 ...
The Hacker News2 j
Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations
Google's Identity Check locks sensitive Android settings behind biometrics, enhancing security outside trusted locations.
The Hacker News1 j
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the ...
The Hacker News2 j
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
The action targets Jin Sung-Il (진성일), Pak Jin-Song (박진성), Pedro Ernesto Alonso De Los Reyes, Erick Ntekereze Prince, and ...
The Hacker News3 j
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
PlushDaemon APT targets South Korean VPN with SlowStepper backdoor. Multistage DNS C&C protocol aids espionage.
The Hacker News5 j
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A 13,000-router MikroTik botnet bypasses SPF protections on 20,000 domains, fueling malware, DDoS, and phishing.
The Hacker News3 j
Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks
Fake CAPTCHA checks are spreading Lumma Stealer malware worldwide, targeting telecom, healthcare, and banking sectors ...
The Hacker News3 j
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Rare malware targets Juniper routers in the J-magic campaign, exploiting JunoOS and impacting industries like IT, energy, and ...
The Hacker News6 j
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]
This week in cybersecurity: zero-day exploits, advanced malware, and the latest hacking tricks you need to know about.
The Hacker News3 j
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...