News

The Hacker News12m
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
A critical vulnerability in mcp-remote (CVE-2025-6514) allows remote code execution, affecting 437,000+ users.
The Hacker News2h
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
A cryptocurrency social engineering campaign uses fake AI and gaming companies to deliver malware on Windows and macOS, ...
The Hacker News5h
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
Four individuals were arrested in connection with £440M cyber attacks on Marks & Spencer, Co-op, and Harrods, linked to the ...
The Hacker News5h
What Security Leaders Need to Know About AI Governance for SaaS
U.S. companies are using generative AI, raising concerns about data privacy, compliance, and operational risks.
The Hacker News5h
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
AMD reveals new Transient Scheduler vulnerabilities in CPUs, exposing sensitive data risks across multiple Ryzen and EPYC ...
The Hacker News6h
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
The altered app packs in two extra executables within Termius Helper.app, a loader named ".localized" that's designed to ...
The Hacker News9h
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.
The Hacker News1d
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The IT worker scheme, also tracked as Nickel Tapestry, Wagemole, and UNC5267, involves North Korean actors using a mix of ...
The Hacker News1d
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
Gold Melody uses ASP.NET vulnerabilities for long-term access, impacting various industries across Europe and the U.S.
The Hacker News2d
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Anatsa banking malware targets North American users via Google Play, leading to credential theft and financial fraud ...
The Hacker News1d
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
Hackers are exploiting Shellter’s leaked Elite license to distribute Lumma Stealer, SectopRAT, and more. This affects ...
The Hacker News1d
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
"Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a ...