kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT—via phishing sites hosted...
Read more →News Archive
View All →
Default Cursor setting can be exploited to run malicious code on developers’ machines
An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code...
Read more →
‘Astronaut-in-distress’ romance scammer steals money from elderly woman
A Japanese octogenarian from Hokkaido Island lost thousands of dollars after being scammed by someone who described himself as a desperate...
Read more →
Helping CISOs Speak the Language of Business
Sep 11, 2025The Hacker NewsContinuous Threat Exposure Management CISOs know their field. They understand the threat landscape. They understand how...
Read more →
Storage is key to AI projects that succeed
The hyperscaler cloud providers plan to spend $1tn on hardware optimised for artificial intelligence (AI) by 2028, according to market...
Read more →
SonicWall SSL VPN Flaw CVE-2024-40766 Actively Exploited
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent alert regarding active exploitation of a...
Read more →
NVIDIA NVDebug Tool Vulnerability Let Attackers Escalate Privileges
NVIDIA has released a security update for its NVDebug tool to address three high-severity vulnerabilities that could allow an attacker...
Read more →
ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based...
Read more →
ChillyHell macOS Malware Resurfaces, Using Google.com as a Decoy
A previously dormant macOS threat, ChillyHell, is reviving. Read how this malware can bypass security checks, remain hidden, and install...
Read more →
Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts
Sep 11, 2025Ravie LakshmananMalvertising / Browser Security Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions...
Read more →
Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT
Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT Pierluigi Paganini September 11, 2025 Hackers exploit ConnectWise ScreenConnect to drop AsyncRAT via...
Read more →
PoisonSeed Threat Actor Strengthens Credential Theft Operations with New Domains
Spoof the email delivery platform SendGrid and employ fake Cloudflare CAPTCHA interstitials to lend legitimacy before redirecting unsuspecting users to...
Read more →