The Hacker News

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian-linked APT28 ran credential-harvesting attacks in 2025 using fake Microsoft, Google, and VPN login pages, PDF lures, ...
The Hacker News

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS 9.8 that allows remote code ...
The Hacker News

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

CISA has closed 10 emergency cybersecurity directives issued between 2019 and 2024 after required actions were completed and ...
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...
The Hacker News

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

FBI warns Kimsuky hackers linked to North Korea are using malicious QR codes to bypass MFA, steal session tokens, and hijack cloud accounts.