FBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering
The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening...
Read more →Category: TheHackerNews
Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns
Jun 28, 2025Ravie LakshmananPrivacy / Data Protection Facebook, the social network platform owned by Meta, is asking for users to...
Read more →
From Browser Stealer to Intelligence-Gathering Tool
Jun 28, 2025Ravie LakshmananMalware / Cyber Warfare The threat actor behind the GIFTEDCROOK malware has made significant updates to turn...
Read more →
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
Jun 27, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have discovered a network of more than 1,000 compromised small office...
Read more →
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack
Jun 27, 2025Ravie LakshmananVulnerability / Cyber Espionage A China-linked threat actor known as Mustang Panda has been attributed to a...
Read more →
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
Jun 27, 2025Ravie LakshmananMalware / Cyber Attack A new campaign has been observed leveraging fake websites advertising popular software such...
Read more →
Business Case for Agentic AI SOC Analysts
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets...
Read more →
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Jun 27, 2025Ravie LakshmananNetwork Security / Vulnerability Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity...
Read more →
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors...
Read more →
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Jun 26, 2025Ravie LakshmananOpen Source / Vulnerability Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”)...
Read more →
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks
Jun 26, 2025Ravie LakshmananCyber Attack / Malware Analysis The ClickFix social engineering tactic as an initial access vector using fake...
Read more →
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Jun 26, 2025Ravie LakshmananVulnerability, Network Security Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine...
Read more →