News

The Hacker News6h
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) ...
The Hacker News17h
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately
The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day ...
The Hacker News8h
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform ...
The Hacker News11h
6 Lessons Learned: Focusing Security Where Business Value Lives
Refined exposure management cuts remediation by 96%, aligning security with business priorities for stronger, efficient ...
The Hacker News17h
The Second Layer of Salesforce Security Many Teams Miss
Automated tools give you visibility. Adversarial testing gives you clarity. In Salesforce environments, you need both.
The Hacker News1d
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation
The Windows RPC protocol utilizes universally unique identifiers (UUIDs) and an Endpoint Mapper (EPM) to enable the use of ...
The Hacker News1d
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
SafeBreach found four Windows DoS flaws via RPC and LDAP, enabling stealth DDoS botnets. Microsoft patched in 2025.
The Hacker News2d
Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models
Researchers found ReVault flaws in Dell ControlVault3 affecting 100+ laptop models, risking login bypass and key theft.
The Hacker News2d
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Researchers bypass GPT-5 guardrails using narrative jailbreaks, exposing AI agents to zero-click data theft risks.
The Hacker News3d
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims
AI-powered phishing mimics Brazilian agencies, stealing data and PIX payments; Efimer Trojan targets crypto wallets.
The Hacker News2d
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and ...
The Hacker News5d
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
While this approach ensures that each task gets credentials for its IAM role and they are delivered at runtime, a leak of the ...