News

The Hacker News6h

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

ClickFix is the name given to a social engineering tactic where prospective targets are deceived into infecting their own ...
The Hacker News8h

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Google fixed 6 Android flaws, including 3 exploited Qualcomm bugs, raising spyware concerns. Users urged to update.
The Hacker News10h

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to ...
The Hacker News11h

Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks

Most SaaS incidents come from misconfigurations or permission issues, not attacks—putting users at unseen risk.
The Hacker News12h

How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents

SOC teams using ANY.RUN report 3x faster response and 50% less workload by automating triage and enabling live threat ...
The Hacker News15h

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

TikTok Shop users are targeted in a phishing and malware campaign using 15,000 fake sites. Data and crypto thefts surge.
The Hacker News17h

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

Huntress said it detected around 20 different attacks tied to the latest attack wave starting on July 25, 2025, with ...