News

The Hacker News3h
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
RansomHub's sudden offline status triggered affiliate migration to Qilin and cartel shifts, signaling major RaaS disruption.
The Hacker News3h
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don't Know About
The report found a median account takeover exposure rate of 1.4% among platforms ranging from 5 million to 300 million users.
The Hacker News3h
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
Another noteworthy tool in TheWizards' arsenal is DarkNights, which is also called DarkNimbus by Trend Micro and has been ...
The Hacker News7h
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Meta debuts LlamaFirewall with PromptGuard 2 and CyberSecEval 4 to defend AI from injection attacks and insecure code threats ...
The Hacker News21h
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
SentinelOne uncovers China-linked PurpleHaze attacks and North Korean infiltration attempts amid rising EDR testing abuses.
The Hacker News20h
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy
WhatsApp launches Private Processing using CVM and OHTTP, ensuring AI-driven message privacy and auditable security.
The Hacker News9h
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations
Indian court orders blocking of Proton Mail citing AI deepfakes and explicit emails, triggering national privacy concerns.
The Hacker News21h
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Multiple AI jailbreaks and tool poisoning flaws expose GenAI systems like GPT-4.1 and MCP to critical security risks.
The Hacker News1d
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool
Custom malware hidden in UyghurEdit++ targeted WUC leaders since May 2024, exposing Uyghur diaspora surveillance links to ...
The Hacker News1d
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting ...
The Hacker News1d
Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products
Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the ...
The Hacker News1d
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken ...