The Hacker News

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Attackers exploit misconfigured email routing and weak spoof protections to send internal-looking phishing emails for ...
The Hacker News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...
The Hacker News

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

CERT/CC warns an unpatched TOTOLINK EX200 firmware flaw lets authenticated attackers enable unauthenticated root telnet and ...
The Hacker News

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and ...
The Hacker News

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

A new PHALT#BLYX campaign targets European hotels using fake Booking.com emails, ClickFix lures, PowerShell, and MSBuild to ...
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

AI-based VS Code forks recommended unclaimed extensions, allowing malicious uploads in Open VSX and risking developer systems ...