Security
Headlines
HeadlinesLatestCVEs

Latest News

 Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit trusted brands like E-ZPass and USPS to

The Hacker News
Open in Source
#web#android#apple#google#git#The Hacker News
Hackers Use KakaoTalk and Google Find Hub in Android Spyware Attack

North Korea-linked KONNI hackers used KakaoTalk and Google Find Hub to spy on victims and remotely wipe Android devices in a targeted phishing campaign.

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. "This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack

Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild

This month’s Windows update closes several major security holes, including one that’s already being used by attackers. Make sure your PC is up to date.

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active

@facebookmail.com Invites Exploited to Phish Facebook Business Users

If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers…

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, 11 information disclosure, three

How Malwarebytes stops the ransomware attack that most security software can’t see 

Discover how Malwarebytes detects and blocks network-based ransomware attacks that bypass traditional ransomware protection.

This Is the Platform Google Claims Is Behind a 'Staggering’ Scam Text Operation

Google is suing 25 people it alleges are behind a “relentless” scam text operation that uses a phishing-as-a-service platform called Lighthouse.