Category: TheHackerNews

Google Patches 120 Flaws, Including Two Zero-Days Under Attack
03
Sep
2025

Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Sep 03, 2025Ravie LakshmananMobile Security / Vulnerability Google has shipped security updates to address 120 security flaws in its Android…

Detecting Data Leaks Before Disaster
03
Sep
2025

Detecting Data Leaks Before Disaster

In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting…

Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure
03
Sep
2025

Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure

Sep 03, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive…

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
03
Sep
2025

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

Sep 03, 2025Ravie LakshmananData Breach / Cyber Espionage An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing…

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack
03
Sep
2025

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

Sep 03, 2025Ravie LakshmananThreat Intelligence / Network Security Cloudflare on Tuesday said it automatically mitigated a record-setting volumetric distributed denial-of-service…

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation
03
Sep
2025

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Sep 03, 2025Ravie LakshmananVulnerability / Mobile Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity…

Salesloft Drift OAuth Token
03
Sep
2025

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Sep 03, 2025Ravie LakshmananData Breach / Threat Intelligence, Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the…

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
02
Sep
2025

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Sep 02, 2025Ravie LakshmananMalware / Threat Intelligence The North Korea-linked threat actor known as the Lazarus Group has been attributed…

MystRodX Backdoor
02
Sep
2025

Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control

Sep 02, 2025Ravie LakshmananCyber Espionage / Network Security Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes…

Shadow AI Discovery
02
Sep
2025

A Critical Part of Enterprise AI Governance

Sep 02, 2025The Hacker NewsData Privacy / SaaS Security The Harsh Truths of AI Adoption MITs State of AI in…

Massive Brute-Force Attacks
02
Sep
2025

Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN…

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
02
Sep
2025

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with…