Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Oct 08, 2025Ravie LakshmananMalware / Threat Intelligence Threat actors with suspected ties to China have turned a legitimate open-source monitoring...
Read more →Category: TheHackerNews
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in...
Read more →
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now
Oct 08, 2025Ravie LakshmananVulnerability / Software Security Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp...
Read more →
Step Into the Password Graveyard… If You Dare (and Join the Live Session)
Oct 08, 2025The Hacker NewsPassword Security / Cyber Attacks Every year, weak passwords lead to millions in losses — and...
Read more →
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware...
Read more →
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers
Oct 07, 2025Ravie LakshmananMalware / Threat Intelligence A Vietnamese threat actor named BatShadow has been attributed to a new campaign...
Read more →
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them
Oct 07, 2025Ravie LakshmananArtificial Intelligence / Software Security Google’s DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called...
Read more →
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range...
Read more →
AI Is Already the #1 Data Exfiltration Channel in the Enterprise
For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not...
Read more →
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the...
Read more →
CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Redis has disclosed details of a maximum-severity security flaw in its in-memory database...
Read more →
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security...
Read more →