News

The Hacker News3h
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
"SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing an unauthenticated ...
The Hacker News3h
Why NHIs Are Security's Most Dangerous Blind Spot
Non-Human Identities, for the most part, authenticate using secrets: API keys, tokens, certificates, and other credentials ...
The Hacker News5h
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully ...
The Hacker News5h
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Earlier this month, Google-owned Mandiant also revealed that another security flaw in ICS (CVE-2025-22457) has been ...
The Hacker News22h
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 ...
The Hacker News23h
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
The exploitation of a security flaw in Innorix Agent for lateral movement is notable for the fact that a similar approach has ...