5 Reasons Device Management Isn’t Device Trust – The Hacker News
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report…
Hacker News
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More – The Hacker News
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside…
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery – The Hacker News
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity,…
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures – The Hacker News
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting diplomatic entities across Europe with a new variant of WINELOADER and a…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems – The Hacker News
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in…
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware – The Hacker News
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States – The Hacker News
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll…
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader – The Hacker News
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass…
[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach – The Hacker News
Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated…
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT – The Hacker News
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting…
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation…
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates – The Hacker News
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the…
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns – The Hacker News
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late…
Artificial Intelligence – What’s all the fuss? – The Hacker News
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as…
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords – The Hacker News
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools,…