Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far...
Read more →Category: TheHackerNews
3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
Mar 24, 2025Ravie LakshmananMalware / Ransomware A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched...
Read more →
How to Balance Password Security Against User Experience
Mar 24, 2025Ravie LakshmananPassword Security / Compliance If given the choice, most users are likely to favor a seamless experience...
Read more →
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Mar 24, 2025Ravie LakshmananMalware / Encryption Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace...
Read more →
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Mar 24, 2025Ravie LakshmananVulnerability / Web Security A critical security flaw has been disclosed in the Next.js React framework that...
Read more →
Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects,...
Read more →
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency The U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash,...
Read more →
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been...
Read more →
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Mar 21, 2025Ravie LakshmananRansomware / BYOVD The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a...
Read more →
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Mar 21, 2025Ravie LakshmananMalware / Cyber Attack Two known threat activity clusters codenamed Head Mare and Twelve have likely joined...
Read more →
10-Month Campaign, 7 Global Targets, 5 Malware Families
Mar 21, 2025Ravie LakshmananCybercrime / Cyber Espionage The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been...
Read more →
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
Mar 21, 2025Ravie LakshmananCyber Attack / Vulnerability Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation...
Read more →