News

The Hacker News3h
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Lotus Panda breached 6 Southeast Asian organizations using custom tools, browser stealers, and sideloaded malware.
The Hacker News15h
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
"In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708)," the South ...
The Hacker News21h
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
From zero-click iOS exploits to NTLM credential leaks and the 4Chan breach — this week’s cyber threats hit where trust runs ...
The Hacker News3h
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.
The Hacker News20h
5 Reasons Device Management Isn't Device Trust
MDM and EDR solutions are effective for managing and securing devices that are enrolled and within the organization's control ...
The Hacker News1d
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Proton66-hosted IPs launched global cyberattacks since Jan 8, 2025, exploiting critical CVEs to deploy malware.
The Hacker News1d
How AI and IoT are Supercharging the DDoS Threat
The surge in DDoS attack traffic this year has been driven in part by the rapid expansion of IoT devices - from smart watches ...
The Hacker News2d
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting ...
The Hacker News2d
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to ...
The Hacker News2d
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The flaw is assessed to be a variant of CVE-2024-43451 (CVSS score: 6.5), which was patched by Microsoft in November 2024 and ...
The Hacker News2d
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...
The Hacker News4d
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
XorDDoS is a well-known malware that has a track record of striking Linux systems for over a decade. In May 2022, Microsoft ...