News

The Hacker News5h

Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure

HexStrike AI, according to its website, is pitched as an AI‑driven security platform to automate reconnaissance and ...
The Hacker News7h

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

Iranian group used 104 hijacked accounts in embassy spear-phishing, exploiting geopolitical tensions for espionage.
The Hacker News6h

Detecting Data Leaks Before Disaster

DeepSeek’s January 2025 database leak exposed 1M+ logs via misconfigured ClickHouse, risking chat histories and keys.
The Hacker News6h

Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly ...
The Hacker News12h

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting ...
The Hacker News13h

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies ...
The Hacker News9h

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

Cloudflare mitigated a record 11.5 Tbps DDoS attack in 35 seconds, highlighting rising hyper-volumetric threats.
The Hacker News23h

Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control

MystRodX backdoor, active since Jan 2024, uses encrypted payloads and DNS/ICMP triggers for stealthy C2 control.
The Hacker News1d

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Fox-IT said ThemeForestRAT shares similarities with a malware codenamed RomeoGolf that was put to use by the Lazarus Group in ...
The Hacker News1d

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...
The Hacker News1d

Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

FDN3 brute-force attacks peaked July 6–8, 2025, tied to Seychelles bulletproof hosts enabling ransomware entry.
The Hacker News1d

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Silver Fox exploited a Microsoft-signed WatchDog driver in May 2025 to bypass defenses, deploy ValleyRAT, and enable fraud.