News
Entertainment
Science & Technology
Sport
Business & Money
Life
Culture & Art
Hobbies
4 | Follower
The Hacker News
27.06.2025
Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.
SaaS platforms lack comprehensive data protection, exposing organizations to data loss, compliance risks, and cyberthreats.
Surge in scanning activity targets MOVEit Transfer systems, raising concerns over possible exploitation.
Cisco fixes CVE-2025-20281 and CVE-2025-20282 in ISE, ISE-PIC to prevent remote code execution.
A critical vulnerability in Open VSX Registry could allow attackers to control VS Code extensions, threatening millions of developers.
ClickFix attacks surged by 517% in 2024–2025, leading to ransomware, malware, and credential theft. Learn why it's a growing threat
OneClik malware exploits Microsoft ClickOnce to attack energy companies with stealthy Golang backdoors.
26.06.2025
Citrix releases urgent patches for CVE-2025-6543 in NetScaler ADC, a critical flaw affecting multiple versions. CVSS score 9.2.
Thousands of personal records from Saudi Games leaked by Cyber Fattah, fueling geopolitical tensions between Iran, Israel, and the U.S.
SonicWall and ConnectWise security breaches enable Trojan and remote access malware targeting VPN users and AI tool seekers.
CISA adds 3 critical vulnerabilities to KEV catalog, affecting AMI MegaRAC, D-Link, and Fortinet, urging mitigations by July 2025.
New research shows 9% of Microsoft Entra SaaS apps are vulnerable to nOAuth abuse, allowing full account takeovers.
Guest users in Entra ID may exploit billing roles to create and control subscriptions, escalating access undetected.
Two critical flaws in SAP GUI expose sensitive data. Patches now available for Windows and Java versions.
WhatsApp adds AI-powered Message Summaries, preserving privacy with Private Processing in the U.S
25.06.2025
U.S. Embassy mandates social media to be public for F, M, and J visa applicants to ensure identity verification.
Cryptominer campaigns disrupted using bad shares and XMRogue tool, reducing attackers' annual revenue by 76%
Cybersecurity experts share actionable insights on CTEM, risk reporting, and how to operationalize exposure management effectively
Hackers target Microsoft Exchange servers worldwide, injecting keyloggers to steal credentials from victims in 26 countries.
North Korean hackers exploit npm packages to deploy multi-stage malware, targeting job-seeking developers
Microsoft offers Windows 10 ESU program with free cloud sync or paid options for extra year of security updates.
U.S. House bans WhatsApp on government devices due to security risks, recommending alternatives like Signal.
Attackers exploit Docker misconfigurations to mine cryptocurrency using Tor, targeting technology, financial, and healthcare industries.
Ukrainian CERT warns of APT28 using Signal chat to deliver BEARDSHELL, COVENANT malware to government entities.
24.06.2025
Chinese Salt Typhoon actors exploit Cisco vulnerability to target global telecom providers, including Canadian devices (CVE-2023-20198).
DHS warns of rising cyber threats from pro-Iranian hackers after U.S. airstrikes on Iran’s nuclear facilities.
A new Go-based malware, XDigo, targets Eastern European governments and organizations, exploiting Windows LNK vulnerability
This week reminded us: real threats don’t make noise—they blend in.
Google strengthens GenAI defenses with new safeguards against indirect prompt injections and evolving attack vectors.
New Echo Chamber jailbreak manipulates LLMs like OpenAI and Google, bypassing safety systems to generate harmful content
AI-driven automation is transforming SOCs by reducing burnout, improving workflows, and boosting team performance.
22.06.2025
U.K. retailers M&S and Co-op targeted by Scattered Spider cyber attack, with losses up to £440M.
21.06.2025
Qilin ransomware intensifies, offering legal counsel to affiliates, rising as a top cybercrime platform with 304 victims in 2025.
Iran TV, crypto exchange hack escalate cyber conflict with Israel. Hacktivist groups target critical infrastructure.
Cloudflare blocks record 7.3 Tbps DDoS attack, targeting hosting provider, with 122,145 source IPs across 161 countries.
24/7 SOCs are essential for off-hours breach protection. Discover how to build one with AI and efficient staffing.
20.06.2025
AI-generated code is accelerating dev speed—but it’s also exposing users to stealthy, undetected flaws.
Hackers now exploit trusted apps like Zoom and Dropbox to launch stealth attacks. Learn how to detect LOTS threats
North Korean hackers used deepfake Zoom calls and Telegram links to infect Mac systems at a crypto firm.