Security
Headlines
HeadlinesLatestCVEs

Tag

#google

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re protecting key systems or locking down cloud apps, these are the updates you need before making your next security

The Hacker News
Open in Source
#vulnerability#web#ios#android#mac#windows#google#microsoft#amazon#linux#cisco#ddos#dos#apache#js#git#intel#php#backdoor#ldap#samba#botnet#vmware#aws#auth#ssh#zero_day#docker#chrome#wifi#ssl#The Hacker News
The State of AI in the SOC 2025 - Insights from Recent Study 

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Centers: alert volumes have reached unsustainable levels, forcing teams to leave critical threats uninvestigated. You can

How to Use a Password Manager to Share Your Logins After You Die (2025)

Your logins will live on after you pass on. Make sure they end up in the right hands.

Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say

A team of researchers found that, by not encrypting the data broadcast by Tile tags, users could be vulnerable to having their location information exposed to malicious actors.

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. "Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

Cybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an npm package called "postmark-mcp" that copied an official Postmark Labs library of the same name. The

A week in security (September 22 – September 28)

A list of topics we covered in the week of September 22 to September 28 of 2025

An App Used to Dox Charlie Kirk Critics Doxed Its Own Users Instead

Plus: A ransomeware gang steals data on 8,000 preschoolers, Microsoft blocks Israel’s military from using its cloud for surveillance, call-recording app Neon hits pause over security holes, and more.

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugX (aka Korplug or SOGU). "The new variant's features overlap with both the RainyDay and Turian backdoors, including abuse of the same legitimate applications for DLL side-loading, the

Inside the Nuclear Bunkers, Mines, and Mountains Being Retrofitted as Data Centers

Companies are going to great lengths to protect the infrastructure that provides the backbone of the world’s digital services—by burying their data deep underground.