The Hacker News

Why Institutions of Higher Education Face Unique Identity Security and Management Risk

Hybrid identity gaps and high user turnover create orphaned accounts in universities, increasing attack surface and breach risk.
The Hacker News

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.
The Hacker News

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

Bedrock attack vectors exploit permissions and integrations, enabling data theft, agent hijacking, and system compromise at scale.
The Hacker News

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft warns tax-season phishing hit 29,000 users via IRS lures, enabling credential theft and RMM-based access.
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...
The Hacker News

Telegram's Crackdown Changed How Threat Actors Act, But Not Where They Act

Telegram blocked 43M channels in 2025, but cybercrime persists as actors adapt, maintaining platform dominance and forcing ...