News

The Hacker News3h

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 is assessed to share tactical and tooling overlaps with a known Chinese hacking group called Mustang Panda, which is also tracked as BASIN, Bronze President, Camaro Dragon, Earth Preta, ...
The Hacker News4h

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.
The Hacker News5h

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

UpCrypter phishing since Aug 2025 uses fake voicemails, RAT payloads, and anti-analysis, hitting global industries.
The Hacker News9h

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

Organizations detected only 1 in 7 attacks in 2025; log failures, misconfigurations, and performance issues left systems ...
The Hacker News13h

The New Mindset: Platforms Over Products

Traditional tools fail; Keeper CEO highlights zero trust, least privilege, and AI automation reshaping defense.
The Hacker News13h

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Transparent Tribe targets Indian government using weaponized .desktop files since 2022, enabling persistence and credential ...
The Hacker News14h

ShinyHunters Data Breach vs. SaaS: Why Dynamic Security Matters

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for ...