The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

Why clicking the wrong Copilot link could put your data at risk

Microsoft Copilot security vulnerability allows attackers to steal data through malicious links. Learn how the attack works, ...
TechRepublic

windows vulnerability

Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against malicious downloads and phishing files. Explore Get the web's best business ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...
SiliconANGLE

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code execution vulnerability in Cursor Inc.’s integrated development environment that ...
techtimes

From Visibility to Validation: How Astra Security Is Redefining Cloud Vulnerability Scanning

Cloud environments are dynamic by design. New identities are created, policies adjusted, and workloads deployed or retired several times a day. Yet many organizations continue to rely on scanning and ...
Ars Technica

Admins and defenders gird themselves against maximum-severity server vuln

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
Searchenginejournal.com

Server Security Scanner Vulnerability Affects Up To 56M Sites

A critical vulnerability was recently discovered in Imunify360 AV, a security scanner used by web hosting companies to protect over 56 million websites. An advisory by cybersecurity company Patchstack ...
aha.org

Microsoft issues security update addressing critical vulnerability impacting Windows server services

Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update Services that was not fully eradicated by a ...
TWCN Tech News

How to configure SMTP server in Windows Server Step by Step

Configuring an SMTP (Simple Mail Transfer Protocol) server on Windows Server is a common task for system administrators who need to enable applications or websites to send email messages. Unlike a ...
Bleeping Computer

New Atroposia malware comes with a local vulnerability scanner

A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability ...