Security
Headlines
HeadlinesLatestCVEs

Latest News

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible devices by means of a

The Hacker News
Open in Source
#vulnerability#rce#botnet#The Hacker News
Cyver Core Reports 50% Reduction in Pentest Reporting Time with Generative AI

Amsterdam, Netherlands, 17th March 2025, CyberNewsWire

Scammers Pose as Cl0p Ransomware to Send Fake Extortion Letters

Scammers are sending fake extortion and ransom demands while posing as ransomware gangs, including the notorious Cl0p ransomware.…

AI-Powered DEI Web Accessibility Hackathon 2025: Technical Innovations and Real-World Impact

Following the success of the Neuro Nostalgia Hackathon that closed out in 2024, Hackathon Raptors has completed its…

1 in 10 people do nothing to stay secure and private on vacation

Spring Break vacationers could open themselves up to online scams and cyberthreats this year, according to new research from Malwarebytes.

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users' actions. That's according to new findings from Cisco Talos, which said such malicious activities can compromise a victim's security and privacy. "The features available in CSS allow attackers and spammers to track users' actions and

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source

SANS Institute Warns of Novel Cloud-Native Ransomware Attacks

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider’s storage security controls and default settings. “In just the past few months, I have witnessed two different methods for

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It's used to track and retrieve all