The Hacker News

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Matrix Push C2 abuses browser notifications for fileless, cross-platform phishing, while Velociraptor misuse rises after a ...
The Hacker News

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

CISA adds exploited Oracle Identity Manager CVSS 9.8 flaw to KEV catalog as agencies rush to patch zero-day attacks.
The Hacker News

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain ...