News

The Hacker News25m

âš¡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that ...
The Hacker News4h

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Transparent Tribe targets Indian government using weaponized .desktop files since 2022, enabling persistence and credential ...
The Hacker News5h

ShinyHunters Data Breach vs. SaaS: Why Dynamic Security Matters

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for ...
The Hacker News23h

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

The details are transmitted to a threat actor-controlled Telegram bot named "@sshZXC_bot" (ssh_bot) via the API, which then ...
The Hacker News4h

The New Mindset: Platforms Over Products

Traditional tools fail; Keeper CEO highlights zero trust, least privilege, and AI automation reshaping defense.
The Hacker News3d

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

Murky Panda exploited Citrix CVE-2023-3519 and Commvault CVE-2025-3928 to deploy CloudedHope malware, enabling covert ...
The Hacker News2d

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose ...
The Hacker News3d

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

INTERPOL’s Operation Serengeti 2.0 Arrests 1,209 Cybercriminals in Africa, Recovers $97.4M, Dismantles 11,432 Infrastructures ...
The Hacker News4d

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft | Read more hacking news on ...
The Hacker News3d

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

ClickFix attacks deliver CORNFLAKE.V3 backdoor via fake CAPTCHAs, enabling multi-payload delivery and persistence since Sept ...
The Hacker News2d

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Phishing emails with RAR archives exploit Linux filename injection to deliver VShell backdoor, bypassing antivirus defenses ...
The Hacker News4d

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.