Our Latest Posts
Cyber Security News
Taken from the hacker news website feed
- What Should We Learn From How Attackers Leveraged AI in 2025?
by [email protected] (The Hacker News) on January 13, 2026 at 11:55 amOld Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about “new” threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that
- ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
by [email protected] (The Hacker News) on January 13, 2026 at 11:47 amServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0 “This issue […] could enable an unauthenticated user to impersonate another user and
- New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
by [email protected] (The Hacker News) on January 13, 2026 at 9:08 amCybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. “The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a
- CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution
by [email protected] (The Hacker News) on January 13, 2026 at 7:15 amThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110 (CVSS score: 8.7), relates to a case of path traversal in the repository file editor that could result in code execution. “Gogs Path
- n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
by [email protected] (The Hacker News) on January 12, 2026 at 4:39 pmThreat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’ OAuth credentials. One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then