News

The Hacker News6d

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project.
Cloud Security Alliance2d

API Security in the AI Era

Learn how AI-driven APIs reshape threat models and discover actionable security practices to protect data and prevent ...
The Hacker News6d

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

GhostRedirector compromised 65 Windows servers since Aug 2024 using Rungan and Gamshen malware, driving SEO fraud.
Windows Latest1d

Windows 11 24H2 rolls out Emoji 16.0, but there’s a catch – Emoji panel doesn’t support it

Emoji 16.0 update has landed in Windows 11, with new icons like Fingerprint and Shovel, but the absence in Emoji Panel leaves ...
Security Boulevard2h

Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products

Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, ...
Security Boulevard6d

Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

AttackIQ has updated the assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures ...
CNET5d

Best VPN Service for 2025: Our Top Picks in a Tight Race

Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Attila covers software, apps and ...