The Hacker News
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com
New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory
A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory.
The vulnerabi...
Posted on 27 December 2025 | 7:52 am
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code
Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that ...
Posted on 26 December 2025 | 3:31 pm
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary pois...
Posted on 26 December 2025 | 2:44 pm
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence ...
Posted on 26 December 2025 | 9:27 am
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hij...
Posted on 25 December 2025 | 2:01 pm
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack t...
Posted on 25 December 2025 | 12:46 pm
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations....
Posted on 25 December 2025 | 8:22 am
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs...
Posted on 25 December 2025 | 8:07 am
New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper
Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that's delivered by means of a digitally sign...
Posted on 24 December 2025 | 4:23 pm
Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media
The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threa...
Posted on 24 December 2025 | 1:08 pm
Attacks are Evolving: 3 Ways to Protect Your Business in 2026
Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and sell...
Posted on 24 December 2025 | 11:30 am
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate crypto...
Posted on 24 December 2025 | 9:19 am
Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition
Apple has been fined €98.6 million ($116 million) by Italy's antitrust authority after finding that the company's App Tracking Transparency (ATT) p...
Posted on 24 December 2025 | 6:15 am
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come w...
Posted on 23 December 2025 | 2:42 pm
INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty
A law enforcement operation coordinated by INTERPOL has led to the recovery of $3 million and the arrest of 574 suspects by authorities from 19 cou...
Posted on 23 December 2025 | 11:35 am
Passwd: A walkthrough of the Google Workspace Password Manager
Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, ...
Posted on 23 December 2025 | 11:30 am
U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme
The U.S. Justice Department (DoJ) on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme d...
Posted on 23 December 2025 | 8:15 am
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbit...
Posted on 23 December 2025 | 7:34 am
FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks
The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and critical components made in a foreign country, citing ...
Posted on 23 December 2025 | 6:58 am
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, bu...
Posted on 22 December 2025 | 4:28 pm
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — f...
Posted on 22 December 2025 | 12:00 pm
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow.
Data centers, constant connectivity, and r...
Posted on 22 December 2025 | 11:55 am
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed...
Posted on 22 December 2025 | 6:11 am
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after th...
Posted on 21 December 2025 | 4:22 am
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware
The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting...
Posted on 20 December 2025 | 1:48 pm
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Mic...
Posted on 19 December 2025 | 5:54 pm
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a...
Posted on 19 December 2025 | 3:34 pm
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks.
Tracked as ...
Posted on 19 December 2025 | 11:23 am
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects" who are alleged to have been involved in phishing ...
Posted on 19 December 2025 | 10:26 am
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them ...
Posted on 19 December 2025 | 8:25 am
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting government...
Posted on 18 December 2025 | 5:34 pm
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in...
Posted on 18 December 2025 | 2:39 pm
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics ...
Posted on 18 December 2025 | 1:10 pm
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryp...
Posted on 18 December 2025 | 1:00 pm
The Case for Dynamic AI-SaaS Security as Copilots Scale
Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like...
Posted on 18 December 2025 | 11:30 am
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap v...
Posted on 18 December 2025 | 7:43 am
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploit...
Posted on 18 December 2025 | 5:01 am
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco has alerted users to a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced pe...
Posted on 18 December 2025 | 4:10 am
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploi...
Posted on 17 December 2025 | 6:17 pm
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices compris...
Posted on 17 December 2025 | 6:09 pm
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campa...
Posted on 17 December 2025 | 3:30 pm
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, accordi...
Posted on 17 December 2025 | 2:54 pm
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle t...
Posted on 17 December 2025 | 11:30 am
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack e...
Posted on 17 December 2025 | 11:12 am
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code des...
Posted on 17 December 2025 | 8:14 am
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credenti...
Posted on 16 December 2025 | 4:35 pm
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its a...
Posted on 16 December 2025 | 3:39 pm
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastru...
Posted on 16 December 2025 | 12:27 pm
Why Data Security and Privacy Need to Start in Code
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid grow...
Posted on 16 December 2025 | 11:30 am
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure.
Cyb...
Posted on 16 December 2025 | 10:58 am