Security
Headlines
HeadlinesLatestCVEs

Latest News

Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown

Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust. The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and combat ransomware enablers

The Hacker News
Open in Source
#web#google#botnet#auth#The Hacker News
Unleashing the Kraken ransomware group

In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel.

We opened a fake invoice and fell down a retro XWorm-shaped wormhole

In 2025, receiving a .vbs “invoice” is like finding a floppy disk in your mailbox. It's retro, suspicious, and definitely not something you should run.

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race — every

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including

Kenya Kicks Off 'Code Nation' With a Nod to Cybersecurity

The African country aims to train 1 million workers in tech skills in the short term, with a focus on software engineering, cybersecurity, and data science.

Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. "The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years," Endor Labs