The Hacker News
02.06.2025
Plug-and-play phishing kits like Haozi drive global scams, bypass MFA, and lower attacker skill bar.
01.06.2025
Linux vulnerabilities CVE-2025-5054 and CVE-2025-4598 let local attackers extract sensitive data via SUID core dumps.
31.05.2025
Earth Lamia exploited SAP NetWeaver CVE-2025-31324 to breach Asian and Brazilian orgs since 2023.
DoJ seized 4 domains on May 27 tied to malware crypting tools, disrupting cybercriminal stealth operations.
New Rust-based EDDIESTEALER spreads via fake CAPTCHA pages, stealing credentials and bypassing Chrome encryption.
MultiCare used identity-based microsegmentation to boost uptime and cut ransomware-linked mortality by 28%.
Funnull enabled $200M in U.S. crypto scam losses using AWS-based domains and DGAs to evade takedowns.
30.05.2025
Fake AI installers for ChatGPT and InVideo deliver ransomware and info-stealers via SEO scams and social ads, targeting businesses.
DragonForce exploited three SimpleHelp CVEs to hijack an MSP’s RMM tool, steal data, and deploy ransomware on customer systems.
ConnectWise breached by suspected nation-state actor in May 2025; Google Mandiant leads probe; flaw CVE-2025-3935 patched earlier.
Meta Shuts Down Covert Iranian, Chinese, and Romanian Influence Ops Using Fake Accounts in Q1 2025
Malware with corrupted DOS and PE headers evades detection for weeks, decrypts TLS-based C2 and enables full attacker control.
29.05.2025
PumaBot hijacks Linux IoT devices via SSH brute-force, fakes Redis services, and mines crypto using stealthy rootkits.
CVE-2025-47577 flaw in TI WooCommerce Wishlist lets unauthenticated attackers upload malicious files—no patch yet, 100K+ sites at risk.
251 Amazon-hosted IPs scanned 75 tech targets on May 8 in a one-day exploit surge, showing orchestrated cloud-based recon.
Session hijacking now drives enterprise breaches—88% involve stolen credentials, often exploited within hours.
Mimo exploits CVE-2025-32432 in Craft CMS days after disclosure, deploying cryptominer and proxyware for monetization.
APT41 used Google Calendar to control TOUGHPROGRESS malware via encrypted events; Google shut it down.
Iranian hacker pleads guilty to Robbinhood ransomware attacks causing $19M+ in losses, crippling U.S. cities via BYOVD and crypto laundering tactics.
Browser-in-the-Middle attacks bypass MFA by stealing session tokens via transparent remote browsers.
OneDrive’s OAuth flaw grants full cloud access via vague prompts + insecure tokens = user data risk.
China-linked APT31 hacked Czech Foreign Affairs Ministry from 2022, violating UN cyber norms.
28.05.2025
Fake Bitdefender site spreads Venom RAT via Bitbucket and Amazon S3, targeting crypto wallets and 2FA codes.
Apple prevented $2B in App Store fraud in 2024 by blocking fake apps, users, and stolen payments.
Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading detection via home router
23.7M secrets were exposed on GitHub in 2024—driven by AI agent sprawl and poor NHI governance.
Void Blizzard targeted over 20 NGOs using credential phishing via fake Entra logins, exfiltrating sensitive cloud data.
Malware campaign exploits exposed Docker APIs to mine Dero, spread worm-like, and persist in containers.
27.05.2025
60 npm packages and VS Code extensions deployed sandbox-evasive malware to steal system data, developer credentials, and crypto wallets.
From TikTok malware drops to zero-day exploits, this week’s roundup is packed with critical intel.
Luna Moth uses spoofed IT domains and callback phishing to access law firm data, bypassing detection with legitimate tools.
70% of US sites drop ad cookies despite opt-outs, risking fines and distrust; real-time validation prevents this.
TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.
25.05.2025
Winos 4.0 malware campaign active since Feb 2025 uses fake installers, Catena loader, and AV evasion tactics.
24.05.2025
Operation Endgame dismantled 300 servers and seized €3.5M crypto, disrupting ransomware access networks globally.
SafeLine WAF delivers 99.45% threat detection via semantic analysis + full self-hosted control + zero subscription fees.
Latrodectus malware evades detection with ClickFix technique; TikTok and fake Ledger apps expand threat reach.
ViciousTrap exploited CVE-2023-20118 to hijack 5,300 routers, building a honeypot-style spy network.
23.05.2025
Three critical Versa Concerto flaws disclosed after 90 days allow remote code execution via reverse proxy misconfigurations.
New laws demand provable cybersecurity programs. Learn how CIS Controls and tools help meet legal, scalable standards.