State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts.

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

Server-side rendering vulnerabilities could allow attackers to steal authorization headers or perpetrate phishing and SEO hacking.

TL;DR: Titus is an open source secret scanner from Praetorian that detects and validates leaked credentials across source code, binary files, and HTTP traffic. It ships with 450+ detection rules and ...

Milestone release of Microsoft’s C# SDK for the Model Context Protocol brings full support for the 2025-11-25 version of the MCP Specification.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

In November 2025, Gartner formalized a new security category — Exposure Assessment Platforms — evaluating 20 vendors on their ability to continuously identify and prioritize The post What Is an ...

Obtaining a geocoding api key marks the starting point for any location-based feature development. The process should be simple, but varies dramatically ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

It's a lifesaver.

Over 2,800 exposed Google API keys may allow unauthorized Gemini AI access, risking data leaks and massive API charges.