Security
Headlines
HeadlinesLatestCVEs

Tag

#google

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet FortiGuard Labs researcher Pei Han Liao said. "By using convincing language and small character

The Hacker News
Open in Source
#web#mac#windows#google#js#git#chrome#firefox#sap#The Hacker News
Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks

Samsung patched CVE-2025-21043, a critical flaw in its Android devices exploited in live attacks. Users urged to install September 2025 update.

New VoidProxy Phishing Service Bypasses MFA on Microsoft and Google Accounts

Okta Threat Intelligence exposes VoidProxy, a new PhaaS platform. Learn how this advanced service uses the Adversary-in-the-Middle technique…

FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. "Both groups have recently been observed targeting organizations' Salesforce platforms via different initial access mechanisms," the FBI said. UNC6395 is a

SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware

New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st…

AI browsers or agentic browsers: a look at the future of web surfing

Agentic and AI browsers are here: What are they? Which ones are there? How can they help me? Are they safe to use?

From Fitbit to financial despair: How one woman lost her life savings and more to a scammer

We often don’t find out the real details of a scam, and how one ‘like’ can turn into a nightmare that controls someone’s life for many years. This is that story.

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks. The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution. "Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of the devices linked to their iCloud accounts may have been compromised as part

Scattered Lapsus$ Hunters Hacker Group Announces Shutdown

Scattered Lapsus$ Hunters, linked to the Jaguar Land Rover cyberattack, claims to shut down as experts suggest the…