🚨 Suspected Chinese state-sponsored hackers breached the U.S. Treasury via a compromised API key from BeyondTrust, a third-party vendor.

💡 Here’s what happened:
» Attackers gained access to a key securing BeyondTrust’s cloud-based remote support service.
» They bypassed security to remotely access Treasury workstations and unclassified documents.
» CVE-2024-12356, a critical vulnerability (CVSS 9.8), was actively exploited.

➡️ Read More: https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html

🔒 Department of Justice has finalized a rule blocking bulk transfers of Americans’ sensitive personal data to adversarial nations like China, Russia, and North Korea.

» Data like Social Security numbers, geolocation, biometrics, and health information is now protected.
» These countries have used such data for espionage, AI development, and suppressing freedoms.

Read full story here 👉 https://thehackernews.com/2024/12/new-us-doj-rule-halts-bulk-data.html

The U.S. Treasury just sanctioned two major entities—one Iranian and one Russian—for meddling in the 2024 presidential election through AI-powered disinformation campaigns.

Here’s what they did:
🛠️ Created deepfakes and synthetic content using AI.
🌐 Built a network of 100+ fake news sites to spread misinformation.
💰 Backed by intelligence agencies like Iran's IRGC and Russia's GRU.

Learn the latest tactics 👉 https://thehackernews.com/2025/01/iranian-and-russian-entities-sanctioned.html

⚠️ Click. Click. Hacked?

DoubleClickjacking: A new clickjacking variant that stealthily exploits timing gaps between clicks to hijack accounts.

This attack bypasses protections like X-Frame-Options and SameSite cookies.

Read the article: https://thehackernews.com/2025/01/new-doubleclickjacking-exploit-bypasses.html

🚨 Three Russian-German nationals charged with espionage and sabotage by German prosecutors.

One suspect, Dieter S., allegedly scouted military sites and planned attacks to disrupt Germany's support for Ukraine.

Learn more: https://thehackernews.com/2025/01/three-russian-german-nationals-charged.html

🔒 A new npm package poses as a vulnerability detector for Ethereum smart contracts but silently installs Quasar RAT—a remote access trojan that gives attackers:

🖥️ Full control over your system
🛡️ Persistence via Windows Registry tweaks
📡 Command-and-Control connections to steal data

🔗 Read the full analysis: https://thehackernews.com/2025/01/malicious-obfuscated-npm-package.html

⚡ Did you know? Cross-domain attackers often stay hidden for weeks before escalating privileges.

Why do attackers thrive? Because fragmented security tools leave gaps—and adversaries like FAMOUS CHOLLIMA are exploiting every one of them.

💬 Question: Are your identity systems truly secure, or just compliant?

💡 Expert Take: A unified platform transforms identity systems into secure perimeters by:
» Closing blind spots with end-to-end visibility.
» Integrating seamlessly across cloud, SaaS, and on-prem environments.
» Accelerating threat detection for proactive defense.

👉 Learn how to level up your defenses: https://thehackernews.com/2025/01/cross-domain-attacks-growing-threat-to.html

Attackers move fast—your defenses need to be faster.

⚠️ Researchers have uncovered details of now-patched vulnerabilities in Dynamics 365 and Power Apps Web API that exposed sensitive user data, including emails, financial information, and password hashes.

🔗 Learn more: https://thehackernews.com/2025/01/severe-security-flaws-patched-in.html

🔒 Apple will pay $95M to settle claims that Siri accidentally recorded and shared private conversations with third parties.

📊 Key Details:
» Covers Siri-enabled devices from 2014 to 2024.
» Claim up to $20 per device (max 5).
» Apple introduced new privacy settings, but is it enough?

🔗 Get the full story: https://thehackernews.com/2025/01/apple-to-pay-siri-users-20-per-device.html

🚨 Critical Update: With Edgio services shutting down, Microsoft is migrating all .NET workloads to Azure Front Door CDNs.

💡 Deadline: January 7, 2025.

👉 Scan your codebase and update references today to avoid downtime.

Learn more: https://thehackernews.com/2025/01/critical-deadline-update-old-net.html

🚨 Critical Flaws in LDAP Exploited!

A new proof-of-concept exploit, LDAPNightmare, crashes unpatched Windows Servers with one crafted request.

Even worse? RCE attacks are possible with minor tweaks.

» CVE-2024-49113 causes DoS attacks.
» CVE-2024-49112 allows remote code execution.

What can you do?
✅ Patch ASAP with Microsoft’s December 2024 updates.
✅ Monitor RPC calls and suspicious LDAP activity.

👉 Read more: https://thehackernews.com/2025/01/ldapnightmare-poc-exploit-crashes-lsass.html

🚨 ALERT: New multi-turn jailbreaking attack, Bad Likert Judge, cleverly bypasses AI safety measures across six major platforms, including AWS, Google, and NVIDIA.

» Attack success rates spike by 60% using this technique.
» Tested across major platforms—OpenAI, Google, and more.
» Categories impacted: hate speech, malware, even weapons.

👉 Explore expert findings: https://thehackernews.com/2025/01/new-ai-jailbreak-method-bad-likert.html

🚨 The U.S. Treasury just sanctioned Integrity Technology Group, a Beijing-based cybersecurity firm, for enabling state-sponsored cyberattacks on U.S. entities.

↪ Linked to Flax Typhoon (aka RedJuliett)
↪ Exploited IoT vulnerabilities.
↪ Targeted government agencies, telecoms, and universities.

🔗 Read the details: https://thehackernews.com/2025/01/us-treasury-sanctions-beijing.html

⚠️ ALERT: PLAYFULGHOST Targets VPN Users!

This powerful backdoor malware deceives users by trojanizing legitimate VPN apps, enabling keylogging, screen/audio capture, and remote shell access.

Learn more: https://thehackernews.com/2025/01/playfulghost-delivered-via-phishing-and.html

🚨 A severe flaw in Nuclei (CVE-2024-43405) could let attackers bypass signature checks and inject malicious code. This impacts all versions after 3.0.0—scoring a 7.4 CVSS.

Read the analysis and secure your systems 👉https://thehackernews.com/2025/01/researchers-uncover-nuclei.html

FireScam malware is targeting Android devices by disguising itself as a fake “Telegram Premium” app. Once installed, it:

↪ Steals sensitive data (messages, notifications, call logs, credentials)
↪ Blocks legitimate app updates to remain undetected

This malware uses advanced techniques to spy on users and maintain control over devices—posing a major threat to personal and organizational data.

Get all the details 👉 https://thehackernews.com/2025/01/firescam-android-malware-poses-as.html

🔒 Critical Alert: Malicious npm packages are impersonating Hardhat tools to steal private keys and mnemonics.

↪ Over 1,000 downloads of a single fake package, active for over a year.
↪ Data is exfiltrated using hardcoded Ethereum addresses.

Open-source dependency complexity is a hacker’s dream—manual reviews are becoming impossible.

🔧 What You Can Do:
✅ Double-check every dependency.
✅ Use tools to audit npm packages.
✅ Build robust supply chain defenses.

🔗 Read the details: https://thehackernews.com/2025/01/russian-speaking-attackers-target.html

🚨 Every second in 2024, cybercriminals attempted 7,000 password attacks—up 75% from last year! Phishing surged 58%, leading to $3.5 billion in losses.

Learn the top strategies to protect your SaaS environment from these relentless threats.

Read here: https://thehackernews.com/2025/01/from-22m-in-ransom-to-100m-stolen.html

India proposes draft Digital Personal Data Protection (DPDP) Rules to empower citizens with data erasure rights, enforce strict security mandates for companies, and impose penalties for non-compliance.

🔒 Your Rights:
➜ Erase data on demand 🗑️
➜ Consent control for how your data is used 📜
➜ Parental consent for minors’ data 👶

⚙️ Business Compliance:
➜ 72-hour breach reporting ⏱️
➜ Annual audits & impact assessments 📋
➜ Data security: encryption, backups, and access control 🔐

💸 Penalties ➜ Up to ₹250 crore (~$30M) for non-compliance or misuse ⚠️

Explore the details: https://thehackernews.com/2025/01/india-proposes-digital-data-rules-with.html

🚨 Two vulnerabilities (CVE-2024-9138, CVE-2024-9140) impact Moxa's routers, with CVSS scores of 8.6 and 9.3—allowing root access and unauthorized command execution.

🔑 Patch to version 3.14+ immediately.

You can protect your network by:
🛑 Isolating devices from the internet.
🔗 Limiting SSH access to trusted IPs.
🛡 Enabling strict firewall rules.

➡️ Find out now: https://thehackernews.com/2025/01/moxa-alerts-users-to-high-severity.html

⚠️ CISA says there’s no evidence other federal systems were impacted in the Treasury cyberattack—but the investigation is ongoing.

Attackers exploited BeyondTrust’s Remote Support SaaS API key to access Treasury systems.

🔗 Learn More: https://thehackernews.com/2025/01/cisa-no-wider-federal-impact-from.html