The Hacker News

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...
The Hacker News

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Researchers uncovered a two-stage phishing attack stealing email logins to install LogMeIn Resolve RMM for persistent, hidden Windows access.
The Hacker News

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

Experts uncovered a new Osiris ransomware strain that used a custom POORTRY driver in a BYOVD attack to disable security tools & steal data in 2025.
The Hacker News

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions ...
The Hacker News

Filling the Most Common Gaps in Google Workspace Security

Google Workspace provides a strong baseline, yet default settings expose gaps in email security, access control, and data ...