Key Findings from the Blue Report 2025
As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often…
Category: TheHackerNews
Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft
Aug 21, 2025Ravie LakshmananData Breach / Cybercrime A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years…
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
Aug 21, 2025Ravie LakshmananVulnerability / Zero-Day Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has…
FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage
Aug 20, 2025Ravie LakshmananCyber Espionage / Vulnerability A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security…
DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft
Aug 20, 2025Ravie LakshmananVulnerability / Browser Security Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be…
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts
Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by…
Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do
Aug 20, 2025The Hacker NewsArtificial Intelligence / Enterprise Security Do you know how many AI agents are running inside your business right now? If the…
Turning BIA Insights Into Resilient Recovery
Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks,…
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025.…
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks
Aug 20, 2025Ravie LakshmananBotnet / Cybercrime A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed…
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Aug 19, 2025Ravie LakshmananLinux / Malware Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux…
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code
Aug 19, 2025Ravie LakshmananMalware / Cyber Attack Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously…