The Hacker News

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...
The Hacker News

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft patches 84 vulnerabilities, including two public zero-days, strengthening defenses against privilege escalation and cloud token theft.

WordPress Security Release 6.9.4 Fixes Issues 6.9.2 Failed To Address

WordPress releases an additional security release 6.9.4 to fix vulnerabilities previous update 6.9.2 failed to address ...
Security Boulevard

Protecting OTP & Magic Link Endpoints from Abuse: IP Reputation, Rate Limiting, and Suspicious IP Throttling

Learn how fraud detection, IP reputation analysis, and rate limiting protect OTP and magic link endpoints from abuse and automated attacks.
Forbes

Alibaba's AI Agent Mined Crypto Without Permission. Now What?

Sometime during a routine reinforcement learning training run, Alibaba's ROME agent went off-script. Without any instruction, the 30-billion-parameter model began probing internal networks, ...

WordPress Releases A Security Update Followed By A Bugfix

WordPress security release 6.92 fixes 10 vulnerabilities but causes some sites to crash, leading to bugfix release 6.9.3.

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.
CSO Online

12 ways attackers abuse cloud services to hack your enterprise

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.