Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
Jul 10, 2025Ravie LakshmananCybercrime / Ransomware The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber…
Category: TheHackerNews
What Security Leaders Need to Know About AI Governance for SaaS
Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is…
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as…
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
Jul 09, 2025Ravie LakshmananCyber Threat / Malware The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked…
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
Jul 09, 2025Ravie LakshmananMalware / Cyber Espionage A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with…
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Jul 09, 2025The Hacker NewsSecurity Operations / Automation Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000…
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
Jul 09, 2025Ravie LakshmananMalware / Cyber Crime The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of…
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
Jul 09, 2025Ravie LakshmananCyber Espionage / Threat Intelligence A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking…
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws…
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
Jul 08, 2025Ravie LakshmananMalware / Cybercrime In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers…
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Jul 08, 2025Ravie LakshmananMalware / Mobile Security Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target…
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little…