Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.

The Hacker News
Open in Source
#vulnerability#web#ios#android#mac#windows#google#microsoft#linux#ddos#dos#apache#nodejs#git#java#intel#backdoor#perl#samba#aws#amd#auth#dell#zero_day#docker#sap#ssl#The Hacker News
Ilevia EVE X1/X5 Server 4.7.18.0.eden Default Credentials

The EVE X1 server uses a weak set of default administrative credentials that can be found and used to gain full control of the system.

YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos

Check Point Research exposed a sophisticated, role-based operation called the YouTube Ghost Network, distributing dangerous Lumma and Rhadamanthys Infostealer malware. Learn how cybercriminals use hijacked channels and bots to triple malicious video output and steal user credentials.

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained a ZIP file ("250908_A_HK이노션

8 Top Application Security Tools (2026 Edition)

The software revolution has redefined what’s possible in global business. Complex applications underpin e-commerce, healthcare, finance, transportation, and…

UNC6384 Targets European Diplomatic Entities With Windows Exploit

The spear-phishing campaign uses fake European Commission and NATO-themed lures to trick diplomatic personnel into clicking malicious links.

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said in a

Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch

Cybercriminals exploit a WSUS vulnerability to deploy Skuld Stealer malware, even after Microsoft released an urgent security patch.

Update Chrome now: 20 security fixes just landed

Google’s latest Chrome release fixes seven serious flaws that could let attackers run malicious code just by luring you to a compromised page.

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security