The Wild West of Shadow IT
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it…
Category: TheHackerNews
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France,…
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto…
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
Aug 02, 2025Ravie LakshmananThreat Detection / SSH Security Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection…
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Aug 02, 2025Ravie LakshmananVulnerability / Zero Day SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge…
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution.…
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as…
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Aug 01, 2025Ravie LakshmananMalware / Artificial Intelligence Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a…
Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they…
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Aug 01, 2025Ravie LakshmananThreat Intelligence / Ransomware The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is…
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Jul 31, 2025Ravie LakshmananCyber Espionage / Network Security The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage…
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Jul 31, 2025Ravie LakshmananPhishing / Threat Intelligence Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping…