- CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Luresby info@thehackernews.com (The Hacker News) on 06/08/2025 at 07:25
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of the defense-industrial complex in the country. The attacks, which leverage phishing emails as an initial compromise vector, are used to deliver malware families like MATCHBOIL, MATCHWOK, and
- AI Is Transforming Cybersecurity Adversarial Testing - Pentera Founder’s Visionby info@thehackernews.com (The Hacker News) on 06/08/2025 at 05:50
When Technology Resets the Playing Field In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only possible, but necessary. At the time, the idea was often met with skepticism, but today, with 1200+ of enterprise customers and thousands of users, that vision has proven itself. But I also know that what we’ve built so far is only
- CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidenceby info@thehackernews.com (The Hacker News) on 06/08/2025 at 04:49
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link Wi-Fi cameras and video recorders to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The high-severity vulnerabilities, which are from 2020 and 2022, are listed below - CVE-2020-25078 (CVSS score: 7.5) - An
- ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infectionsby info@thehackernews.com (The Hacker News) on 05/08/2025 at 16:26
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. "Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web
- Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wildby info@thehackernews.com (The Hacker News) on 05/08/2025 at 13:59
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6), by the chipmaker back in June 2025. CVE-2025-21479