Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Sep 01, 2025Ravie LakshmananMobile Security / Malvertising Cybersecurity researchers are calling attention to a new shift in the Android malware...
Read more →Category: TheHackerNews
Rethinking Security for Scattered Spider
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In...
Read more →
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to...
Read more →
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and...
Read more →
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
Aug 30, 2025Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and...
Read more →
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Aug 29, 2025Ravie LakshmananVulnerability / Web Security Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that...
Read more →
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part...
Read more →
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an...
Read more →
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Aug 29, 2025The Hacker NewsEnterprise Security / Artificial Intelligence Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly...
Read more →
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited...
Read more →
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has...
Read more →
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Aug 29, 2025Ravie LakshmananCryptocurrency / Cybercrime Authorities from the Netherlands and the United States have announced the dismantling of an...
Read more →