1+ hour, 32+ min ago  (87+ words) Serv-U " Latest News, Reports & Analysis'The Hacker News Serv-U | Breaking Cybersecurity News | The Hacker News SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution The Riskiest Alert Types and Why Enterprise Soc Doesn't Triage Them AI Won't Break Microsoft 365. Your Security…...

1+ hour, 32+ min ago  (83+ words) FileZen " Latest News, Reports & Analysis'The Hacker News FileZen | Breaking Cybersecurity News | The Hacker News CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability AI Won't Break Microsoft 365. Your Security Backlog Will The Riskiest Alert Types and Why Enterprise Soc Doesn't Triage…...

1+ hour, 39+ min ago  (580+ words) A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023. The vulnerability, tracked as…...

14+ hour, 6+ min ago  (630+ words) Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. "This prolific, elusive actor has a long history of targeting…...

14+ hour, 52+ min ago  (296+ words) "The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables " executing arbitrary shell commands and exfiltrating Anthropic API keys when users clone and open untrusted repositories," Check Point Research said in a report shared…...

16+ hour, 46+ min ago  (354+ words) The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr…...

17+ hour, 22+ min ago  (992+ words) Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can't reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and "just escalate it" calls. That cost doesn't stay inside…...

19+ hour, 9+ min ago  (621+ words) Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings,…...

20+ hour, 52+ min ago  (688+ words) More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not…...

23+ hour, 3+ min ago  (683+ words) A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter…...