The Hacker News

From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage Tools

China-linked hackers exploited multiple CVEs in April 2025 to target global entities with advanced persistence.
InfoQ

Redis Critical Remote Code Execution Vulnerability Discovered After 13 Years

This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...
SecurityWeek

How Software Development Teams Can Securely and Ethically Deploy AI Tools

AI is transforming software development, but training developers on AI ethics, security, and liability is critical to ...
SecurityWeek

Data Exposure Vulnerability Found in Deep Learning Tool Keras

A vulnerability in the open source deep learning tool Keras could allow attackers to load arbitrary local files or conduct SSRF attacks.
The Hacker News

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database ...