⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

The Hacker News

14.10.2025

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft restricts IE Mode in Edge after threat actors exploited Chakra engine flaws for remote access.

The Hacker News

14.10.2025

Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain

Researchers link TA585 to MonsterV2 RAT stealer delivered via IRS-themed phishing, JavaScript injects, and GitHub lures.

The Hacker News

14.10.2025

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

RondoDox expands to exploit 56 flaws across 30 vendors, fueling global IoT botnet attacks.

The Hacker News

14.10.2025

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Client-side JavaScript attacks surged 690% in 2024; retailers must close browser security gaps now.

The Hacker News

14.10.2025

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with 50k+ downloads.

The Hacker News

13.10.2025

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Astaroth banking trojan exploits GitHub for resilience, targeting Latin American users via phishing.

The Hacker News

13.10.2025

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

Oracle warns of CVE-2025-61884 flaw in E-Business Suite enabling unauthorized data access.

The Hacker News

13.10.2025

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Rust-based ChaosBot exploits Discord and phishing to infiltrate networks, while Chaos-C++ adds data destruction.

The Hacker News

12.10.2025

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Huntress reports widespread SonicWall VPN compromises and Akira ransomware exploits amid firewall backup leaks.

The Hacker News

12.10.2025

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Storm-2603 exploits Velociraptor and SharePoint flaws to deploy LockBit, Warlock, and Babuk ransomware.

The Hacker News

11.10.2025

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

AI-driven SOCs cut false positives by 80% and response times by 60%, redefining cybersecurity efficiency.

The Hacker News

11.10.2025

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Researchers uncover 175 npm packages used in Beamglea phishing campaign targeting 135 companies.

The Hacker News

11.10.2025

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

Huntress reports active exploitation of Gladinet CVE-2025-11371, exposing system files and enabling remote code execution.

The Hacker News

11.10.2025

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Fortinet warns Stealit malware uses Node.js SEA and fake installers to deliver stealers, RATs, and persistence.

The Hacker News

11.10.2025

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra confirms GoAnywhere MFT flaw CVE-2025-10035 exploited since September 11 to deploy ransomware.

The Hacker News

11.10.2025

Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries

Storm-2657 exploits phishing and weak MFA to hijack HR SaaS accounts and redirect payroll funds.

The Hacker News

10.10.2025

From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Russian hackers’ AI-driven cyberattacks on Ukraine surged to 3,018 incidents in early 2025.

The Hacker News

10.10.2025

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall reports unauthorized access to encrypted firewall backup files, impacting under 5% of users.

The Hacker News

10.10.2025

From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware

UTA0388 uses ChatGPT-driven phishing to deploy GOVERSHELL malware across Asia, Europe, and North America.

The Hacker News

10.10.2025

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft drives major SaaS breaches in 2025, exposing gaps in OAuth, API, and app integration security.

The Hacker News

10.10.2025

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Oracle EBS zero-day CVE-2025-61882 exploited since August 2025; GTIG links campaign to Cl0p actors.

The Hacker News

10.10.2025

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

ClayRat Android spyware uses fake apps and Telegram to steal data and spread via contacts.

The Hacker News

10.10.2025

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats evolve fast—blending AI, social engineering, and cloud attacks. Stay informed with practical insights to build digital trust.

The Hacker News

09.10.2025

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Chinese-linked hackers use Nezha and Gh0st RAT to compromise over 100 servers via phpMyAdmin flaws.

The Hacker News

09.10.2025

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Critical WordPress flaw CVE-2025-5947 exploited in 13,800 attacks lets hackers hijack Service Finder sites.

The Hacker News

09.10.2025

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Weak passwords cost millions; learn real breach lessons and prevention tools in Specops’ live webinar.

The Hacker News

09.10.2025

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

DragonForce, LockBit, and Qilin form a powerful ransomware alliance as LockBit 5.0 emerges.

The Hacker News

09.10.2025

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.

The Hacker News

09.10.2025

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Figma MCP flaw CVE-2025-53967 lets attackers execute arbitrary code; patch released in version 0.6.3. (

The Hacker News

08.10.2025

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.

The Hacker News

08.10.2025

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

LayerX finds AI tools now drive most enterprise data leaks, with 77% of sensitive data pasted via personal accounts.

The Hacker News

08.10.2025

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

Trellix uncovers XWorm 6.0’s advanced plugins, phishing tactics, and resurgence under new operators

The Hacker News

08.10.2025

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google’s DeepMind unveils CodeMender, an AI agent that auto-fixes code vulnerabilities and enhances software security.

The Hacker News

08.10.2025

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI disrupts Russian, North Korean, and Chinese threat groups misusing ChatGPT for malware and scams

The Hacker News

08.10.2025

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

Redis fixes 13-year CVSS 10 flaw allowing Lua script-based remote code execution in all versions.

The Hacker News

08.10.2025

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

BatShadow uses fake job ads and Microsoft Edge redirects to spread Go-based Vampire Bot malware.

The Hacker News

07.10.2025

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, 2025.

The Hacker News

07.10.2025

5 Critical Questions For Adopting an AI Security Solution

Five essential questions help organizations select AI-SPM tools for data protection, compliance, and scalability.

The Hacker News

07.10.2025

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

Your weekly snapshot of cyber chaos: from Oracle 0-Day exploits to fresh spyware, phishing kits, and ransomware twists—here’s what’s shaping security

home›The Hacker News›Software

The Hacker News - Software

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries

From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware

SaaS Breaches Start with Tokens - What Security Teams Must Watch

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

5 Critical Questions For Adopting an AI Security Solution

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

home
›
The Hacker News
›
Software