🚨 The U.S. Treasury just sanctioned Integrity Technology Group, a Beijing-based cybersecurity firm, for enabling state-sponsored cyberattacks on U.S. entities.

↪ Linked to Flax Typhoon (aka RedJuliett)
↪ Exploited IoT vulnerabilities.
↪ Targeted government agencies, telecoms, and universities.

🔗 Read the details: https://thehackernews.com/2025/01/us-treasury-sanctions-beijing.html

⚠️ ALERT: PLAYFULGHOST Targets VPN Users!

This powerful backdoor malware deceives users by trojanizing legitimate VPN apps, enabling keylogging, screen/audio capture, and remote shell access.

Learn more: https://thehackernews.com/2025/01/playfulghost-delivered-via-phishing-and.html

🚨 A severe flaw in Nuclei (CVE-2024-43405) could let attackers bypass signature checks and inject malicious code. This impacts all versions after 3.0.0—scoring a 7.4 CVSS.

Read the analysis and secure your systems 👉https://thehackernews.com/2025/01/researchers-uncover-nuclei.html

FireScam malware is targeting Android devices by disguising itself as a fake “Telegram Premium” app. Once installed, it:

↪ Steals sensitive data (messages, notifications, call logs, credentials)
↪ Blocks legitimate app updates to remain undetected

This malware uses advanced techniques to spy on users and maintain control over devices—posing a major threat to personal and organizational data.

Get all the details 👉 https://thehackernews.com/2025/01/firescam-android-malware-poses-as.html

🔒 Critical Alert: Malicious npm packages are impersonating Hardhat tools to steal private keys and mnemonics.

↪ Over 1,000 downloads of a single fake package, active for over a year.
↪ Data is exfiltrated using hardcoded Ethereum addresses.

Open-source dependency complexity is a hacker’s dream—manual reviews are becoming impossible.

🔧 What You Can Do:
✅ Double-check every dependency.
✅ Use tools to audit npm packages.
✅ Build robust supply chain defenses.

🔗 Read the details: https://thehackernews.com/2025/01/russian-speaking-attackers-target.html

🚨 Every second in 2024, cybercriminals attempted 7,000 password attacks—up 75% from last year! Phishing surged 58%, leading to $3.5 billion in losses.

Learn the top strategies to protect your SaaS environment from these relentless threats.

Read here: https://thehackernews.com/2025/01/from-22m-in-ransom-to-100m-stolen.html

India proposes draft Digital Personal Data Protection (DPDP) Rules to empower citizens with data erasure rights, enforce strict security mandates for companies, and impose penalties for non-compliance.

🔒 Your Rights:
➜ Erase data on demand 🗑️
➜ Consent control for how your data is used 📜
➜ Parental consent for minors’ data 👶

⚙️ Business Compliance:
➜ 72-hour breach reporting ⏱️
➜ Annual audits & impact assessments 📋
➜ Data security: encryption, backups, and access control 🔐

💸 Penalties ➜ Up to ₹250 crore (~$30M) for non-compliance or misuse ⚠️

Explore the details: https://thehackernews.com/2025/01/india-proposes-digital-data-rules-with.html

🚨 Two vulnerabilities (CVE-2024-9138, CVE-2024-9140) impact Moxa's routers, with CVSS scores of 8.6 and 9.3—allowing root access and unauthorized command execution.

🔑 Patch to version 3.14+ immediately.

You can protect your network by:
🛑 Isolating devices from the internet.
🔗 Limiting SSH access to trusted IPs.
🛡 Enabling strict firewall rules.

➡️ Find out now: https://thehackernews.com/2025/01/moxa-alerts-users-to-high-severity.html

⚠️ CISA says there’s no evidence other federal systems were impacted in the Treasury cyberattack—but the investigation is ongoing.

Attackers exploited BeyondTrust’s Remote Support SaaS API key to access Treasury systems.

🔗 Learn More: https://thehackernews.com/2025/01/cisa-no-wider-federal-impact-from.html

A newly upgraded version of the EAGERBEE malware is actively targeting internet service providers (ISPs) and government entities in the Middle East.

➜ Allows load, unload, or swap plugins in memory on demand.
➜ Linked to state-aligned groups like Cluster Alpha and TA428.
➜ Targets military and political secrets in Southeast Asia.
Harvest network and system data with precision tools.

🔗 Read the full report here: https://thehackernews.com/2025/01/new-eagerbee-variant-targets-isps-and.html

🕯️ Legacy MFA, VPNs, and antivirus have all fallen. Why? Attackers outpaced outdated tech.

Key takeaways for decision-makers: Evolve or risk critical vulnerabilities.

➤ Integrated, AI-driven, phishing-resistant tools are non-negotiable.
➤ Zero Trust and passwordless solutions are the path forward.

Cybersecurity tools must outthink attackers—not just block them.

Are your defenses ready for 2025? Find out what’s driving the next wave of innovation: https://thehackernews.com/2025/01/farewell-to-fallen-cybersecurity-stars.html

Researchers reveal Illumina’s iSeq 100 lacks modern security measures, making it vulnerable to privilege escalation and firmware tampering.

Explore the insights here: https://thehackernews.com/2025/01/researchers-uncover-major-security-flaw.html

Can you spot hidden threats in encrypted traffic? Most organizations can’t—and that’s exactly how attackers are winning.

In this webinar, Zscaler's Emily Laufer reveals:
🛡️ Advanced tactics to uncover hidden threats
📈 Predictions for ransomware’s 2025 playbook

➡️ Watch the webinar: https://thehacker.news/ransomware-encrypted-attacks

CISA has flagged 3 actively exploited vulnerabilities—two in Mitel MiCollab and one in Oracle WebLogic Server.

⤷ CVE-2024-41713: Remote access via path traversal.
⤷ CVE-2024-55550: Exploited by attackers with admin privileges.
⤷ CVE-2020-2883: A high-severity vulnerability in Oracle WebLogic with known exploits.

👉 Don’t wait—secure your systems now: https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html

🔥 The U.S. government has launched the U.S. Cyber Trust Mark, a label for IoT devices that meet rigorous cybersecurity standards.

How it works:
✅ Devices tested by accredited labs
✅ QR codes reveal security practices like updates and default password tips

🔗 Read: https://thehackernews.com/2025/01/fcc-launches-cyber-trust-mark-for-iot.html

Share your thoughts!

🚨 Over 15,000 infected devices are targeting businesses daily with 100 Gbps DDoS attacks!

A new Mirai botnet variant, dubbed "gayfemboy," is exploiting a critical OS command injection flaw in Four-Faith routers.

✅ Countries hit hardest: China, Iran, Russia, Turkey, USA
✅ Vulnerabilities used: over 20 CVEs, including a zero-day.

🔗 Full story: https://thehackernews.com/2025/01/mirai-botnet-variant-exploits-four.html

🚨 Lumma malware continues to wreak havoc in 2025, stealing sensitive information through fake CAPTCHA pages, torrents, and phishing emails.

Explore how to proactively analyze Lumma and stop it in its tracks using tools like @ANYRUN_app's sandbox. 👉 https://thehackernews.com/2025/01/top-5-malware-threats-to-prepare.html

🔒 NonEuclid, a new Remote Access Trojan, combines stealth, evasion, and ransomware into a single devastating package. It’s being advertised as a crimeware solution.

⤷ Dual Purpose: Acts as both a RAT and ransomware.
⤷ Stealth Mode: Uses sandbox detection to avoid virtual environments.
⤷ Persistence: Modifies Windows Registry and sets scheduled tasks for survival.

👉 Read more: https://thehackernews.com/2025/01/researchers-expose-noneuclid-rat-using.html

🚨 What are the limitations of existing security tools in managing AI-related risks? Learn practical approaches to identify blind spots and protect against emerging threats across your AI lifecycle—from development to production.

🎙️ Join James Berthoty, Ron Bitton, PhD and Dor Sarig, as they explore:

✅ Traditional application security Vs AI security
✅ AI security use cases in the modern enterprise
✅ Analysis of AI-related risks and vulnerabilities
✅ Strategic recommendations for 2025

📅 January 15th, 11:30am ET

👉 Don’t miss out—Reserve your spot for this exclusive webinar: https://thn.news/navigating-ai-security

🚨 Forgotten domains are becoming cybercriminals' secret weapon to bypass email security!

Hackers are reviving decades-old domains that lack basic security measures to send phishing emails. These tactics fool even advanced systems like SPF and DMARC.

Learn more: https://thehackernews.com/2025/01/neglected-domains-used-in-malspam-to.html

🔮 What does the future hold for SaaS security in 2025?

Here are some predictions for the year ahead, including:

📈 Increased SaaS-based attacks
☝️ Zero Trust will be non-negotiable
⚔️ Identity management as the key battleground

See what else is in store for the year ahead: https://thn.news/saas-security-predictions-li