News

The Hacker News3h
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Phishers abused Google Sites and DKIM replay to send valid-signed emails, bypassing filters and stealing credentials.
The Hacker News3h
5 Major Concerns With Employees Using The Browser
Security teams must integrate browser security into their enterprise security stack to gain real-time visibility, detect ...
The Hacker News6h
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft secures MSA and Entra ID with Azure Confidential VMs + HSM, preventing token forgery and reducing breach risks.
The Hacker News21h
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
"In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708)," the South ...
The Hacker News9h
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Lotus Panda breached 6 Southeast Asian organizations using custom tools, browser stealers, and sideloaded malware.
The Hacker News10h
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.
The Hacker News1d
âš¡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
From zero-click iOS exploits to NTLM credential leaks and the 4Chan breach — this week’s cyber threats hit where trust runs ...
The Hacker News1d
How AI and IoT are Supercharging the DDoS Threat
The surge in DDoS attack traffic this year has been driven in part by the rapid expansion of IoT devices - from smart watches ...
The Hacker News1d
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Proton66-hosted IPs launched global cyberattacks since Jan 8, 2025, exploiting critical CVEs to deploy malware.
The Hacker News2d
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting ...
The Hacker News2d
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...
The Hacker News3d
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to ...