The Hacker News1h
Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone
Cellebrite's zero-day exploit bypassed an Android lock screen to access a Serbian activist’s phone. Amnesty links attack to ...
The Hacker News4h
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Hackers now scan port 1098 to exploit RDP vulnerabilities, targeting 740,000 IPs daily. Microsoft patches two critical flaws.
The Hacker News4h
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
Cybercriminals use fake CAPTCHAs in phishing PDFs to spread Lumma Stealer, targeting 7,000+ users via Webflow, GoDaddy, and ...
The Hacker News7h
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
Microsoft identifies four cybercriminals behind Storm-2139, an AI abuse scheme exploiting Azure OpenAI services for illicit ...
The Hacker News8h
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
Nearly 12,000 live secrets found in LLM training data, exposing AWS, Slack, and Mailchimp credentials—raising AI security ...
The Hacker News8h
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
Sticky Werewolf deploys Lumma Stealer via phishing attacks in Russia and Belarus, stealing credentials, banking data, and ...
The Hacker News9h
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
Winos 4.0 malware, deployed via phishing emails impersonating Taiwan’s tax authority, steals data through keylogging, ...
The Hacker News1d
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
TgToxic malware evolves with advanced anti-analysis, DGA-based C2, and global expansion, targeting banking and crypto users ...
The Hacker News1d
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
FBI confirms North Korea’s Lazarus Group stole $1.5B from Bybit, surpassing 2024’s total crypto heists. Investigations reveal ...
The Hacker News1d
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their ...
The Hacker News2d
New Linux Malware 'Auto-Color' Grants Hackers Full Remote Access to Compromised Systems
Auto-Color Linux malware targets governments and universities, using stealth tactics and encryption to evade detection and ...
The Hacker News2d
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
CERT-UA warns of UAC-0173 phishing deploying DCRat via Cloudflare R2, using RDP exploits, FIDDLER, and SENDMAIL to target ...