Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready. Below, we list the urgent updates you need to install right now to stop these active threats. ⚡ Threat of the Week Apple and

The Hacker News
Open in Source
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#microsoft#linux#cisco#ddos#dos#apache#js#git#intel#backdoor#rce#pdf#huawei#oauth#auth#ssh#zero_day#ruby#bitbucket#chrome#sap#ssl#The Hacker News
Coupang CEO Steps Down After Data Breach Hits 33.7 Million Users

South Korean e-commerce giant Coupang faces intense scrutiny after CEO Park Dae-jun resigns over a data breach that exposed 33.7 million customer accounts. Read about the police raids, US lawsuit, and regulatory orders from PIPC.

AI Toys for Kids Talk About Sex, Drugs, and Chinese Propaganda

Plus: Travelers to the US may have to hand over five years of social media history, South Korean CEOs are resigning due to cyberattacks, and more.

The US digital doxxing of H-1B applicants is a massive privacy misstep

By making social accounts public, the new policy exposes private data that attackers can use for targeting, impersonation, or extortion.

How private is your VPN?

After years of trying VPNs for myself, privacy-minded family members, and a few mission-critical projects, here’s what I wish everyone knew.

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life is still wide open. The new Threatsday Bulletin

Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days

Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild. Of the 56 flaws, three are rated Critical, and 53 are rated Important in severity. Two other defects are listed as publicly known at the time of the release. These include 29 privilege escalation, 18 remote code

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a case of improper verification of a cryptographic signature. They are tracked as CVE-2025-59718 and

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks — all within days. If you blink, you’ll miss how fast the threat map is changing. New flaws are being found, published, and exploited in hours instead of weeks. AI-powered tools meant to help developers

New Variant of ClayRat Android Spyware Seize Full Device Control

The dangerous ClayRat Android spyware has evolved, gaining the ability to steal PINs, record screens, and disable security by abusing Accessibility Services. Users must beware of fake apps spreading through phishing sites and Dropbox.