AI-powered credential stuffing could worsen in 2025, as attackers scale automation to breach accounts. Defending identity security is now more critica

The Hacker News

05.03.2025

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Broadcom patches three actively exploited VMware flaws, including a critical (CVSS 9.3) bug enabling code execution. Update now for protection.

The Hacker News

05.03.2025

Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates

Black Basta and CACTUS ransomware groups share the BackConnect module, suggesting a shift in affiliations.

The Hacker News

05.03.2025

Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector

Hackers used a compromised Indian electronics firm’s email to deliver a Golang backdoor in a UAE-targeted phishing campaign.

The Hacker News

04.03.2025

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

JavaGhost exploits AWS misconfigurations to run phishing campaigns via SES and WorkMail, evading email protections

The Hacker News

04.03.2025

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

CISA adds five exploited vulnerabilities to its KEV catalog, including flaws in Cisco, Microsoft, and Progress software.

The Hacker News

04.03.2025

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Paragon Software patches CVE-2025-0289, a zero-day flaw in BioNTdrv.sys, exploited for privilege escalation and ransomware

The Hacker News

04.03.2025

⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists

Get exclusive insights on cyber attacks—including expert analysis on zero-day exploits, AI breaches, and crypto hacks—in our free newsletter.

The Hacker News

04.03.2025

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children's Data Protection Practices

U.K. ICO launches investigations into TikTok, Reddit, and Imgur over concerns about children's data privacy and online safety compliance

The Hacker News

04.03.2025

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Threat actors use ClickFix to spread Havoc C2 malware via SharePoint and Microsoft Graph API, while scammers exploit Google Ads to target PayPal users

The Hacker News

04.03.2025

Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Google’s March 2025 Android Security Bulletin fixes 44 vulnerabilities, including two actively exploited flaws.

The Hacker News

04.03.2025

The New Ransomware Groups Shaking Up 2025

Ransomware attacks rose 11% in 2024, with 5,414 incidents and 46 new groups emerging. RansomHub led with 531 attacks.

The Hacker News

04.03.2025

Vo1d Botnet's Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries

Vo1d botnet infects 800K+ Android TVs daily, peaks at 1.59M devices, with India’s cases surging 18-fold. Experts warn of escalating cyber threats.

The Hacker News

01.03.2025

Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone

Cellebrite's zero-day exploit bypassed an Android lock screen to access a Serbian activist’s phone. Amnesty links attack to Linux kernel flaws.

The Hacker News

01.03.2025

RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable

Hackers now scan port 1098 to exploit RDP vulnerabilities, targeting 740,000 IPs daily. Microsoft patches two critical flaws. Protect your business no

The Hacker News

01.03.2025

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Cybercriminals use fake CAPTCHAs in phishing PDFs to spread Lumma Stealer, targeting 7,000+ users via Webflow, GoDaddy, and YouTube

The Hacker News

01.03.2025

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Sticky Werewolf deploys Lumma Stealer via phishing attacks in Russia and Belarus, stealing credentials, banking data, and cryptowallet information.

home›The Hacker News›Software

The Hacker News - Software

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions

Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive

Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey

U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website

Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors

Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom

Outsmarting Cyber Threats with Attack Graphs

Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist

Identity: The New Cybersecurity Battleground

Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud

U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations

Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America

China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants

Defending against USB drive attacks with Wazuh

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

How New AI Agents Will Transform Credential Stuffing Attacks

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates

Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children's Data Protection Practices

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

The New Ransomware Groups Shaking Up 2025

Vo1d Botnet's Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries

Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone

RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

home
›
The Hacker News
›
Software