News

The Hacker News5h

New TETRA Radio Encryption Flaws Expose Law Enforcement Communications

Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) ...
The Hacker News7h

Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform ...
The Hacker News16h

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day ...
The Hacker News10h

6 Lessons Learned: Focusing Security Where Business Value Lives

Refined exposure management cuts remediation by 96%, aligning security with business priorities for stronger, efficient ...
The Hacker News16h

The Second Layer of Salesforce Security Many Teams Miss

Automated tools give you visibility. Adversarial testing gives you clarity. In Salesforce environments, you need both.
The Hacker News1d

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

The Windows RPC protocol utilizes universally unique identifiers (UUIDs) and an Endpoint Mapper (EPM) to enable the use of ...
The Hacker News1d

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

SafeBreach found four Windows DoS flaws via RPC and LDAP, enabling stealth DDoS botnets. Microsoft patched in 2025.
The Hacker News2d

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers found ReVault flaws in Dell ControlVault3 affecting 100+ laptop models, risking login bypass and key theft.
The Hacker News2d

Linux-Based Lenovo Webcams' Flaw Can Be Remotely Exploited for BadUSB Attacks

Lenovo webcam flaws let attackers deploy remote BadUSB exploits, risking keystroke injection and persistent malware.
The Hacker News2d

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Researchers bypass GPT-5 guardrails using narrative jailbreaks, exposing AI agents to zero-click data theft risks.
The Hacker News3d

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

AI-powered phishing mimics Brazilian agencies, stealing data and PIX payments; Efimer Trojan targets crypto wallets.
The Hacker News5d

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

While this approach ensures that each task gets credentials for its IAM role and they are delivered at runtime, a leak of the ...