The Hacker News

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.

FBI warns of Handala hackers using Telegram in malware attacks

The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country's Ministry ...
Microsoft

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Microsoft Defender stopped a human-operated ransomware attack that abused Group Policy Objects (GPOs) to disable defenses and ...
Yehey.com

Yehey.com - Rogue AI Agents Exploit Vulnerabilities, Leak Passwords, and Disable Antivirus

Image courtesy by QUE.com Autonomous AI agents are quickly moving from experimental demos to real operational tools. They can ...
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
CSO Online

Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity ...
Windows Report

Microsoft Blocks A Popular Performance Hack for SSDs in Windows 11 24H2 and 25H2

Microsoft blocked a popular Windows 11 registry hack that significantly boosted SSD speeds. Learn how the tweak worked and ...
HealthcareInfoSecurity

Microsoft Intune MDM Gains Notoriety After Stryker Hack

Mobile device management software is having a moment of notoriety after Iran-aligned hacking group Handala used Microsoft ...

Employee lawsuits filed as Stryker says cyberattack is contained

Nearly two weeks after a major cyberattack disrupted operations at Stryker, the company says it has regained access to its ...

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud ...
American Banker

Iran-linked cyberattack prompts Microsoft Intune warnings

CISA and Microsoft urge organizations to secure endpoint management systems as threat actors increasingly seek to disrupt ...
Security Info Watch

Lack of Foundational Security Can Kill Your Cybersecurity Plans

While AI and advanced threat detection garner industry attention, the real vulnerabilities lie in overlooked misconfigurations and outdated controls. Strengthening ...