🛑 China-linked MirrorFace has targeted Japan’s security and tech sectors in over 4 years of persistent attacks, says NPA & NCSC.

These attackers use spear-phishing, exploit device vulnerabilities, and evade antivirus detection by operating in Windows Sandbox—leaving no trace behind.

🔗 Learn the tactics attackers use and how to counter them: https://thehackernews.com/2025/01/mirrorface-leverages-anel-and-noopdoor.html

Advance your skills in strategic security design with Georgetown’s Online Certificate in Cybersecurity Strategy.

Learn more: https://thn.news/cybersecurity-strategy-ig

🚨 New Threat Alert: Banshee Stealer!

The latest variant targets macOS users and hides its tracks using Apple-inspired encryption.

💻 Targets victims via phishing websites disguised as Google Chrome & Telegram
💸 Offered to hackers for $3,000/month under a Malware-as-a-Service model

🔗 Read more: https://thehackernews.com/2025/01/new-banshee-stealer-variant-bypasses.html

🚨 Critical flaws found in major platforms:

⤷ SonicWall: SSLVPN bypass (CVSS 8.2) & privilege escalation.
⤷ Palo Alto Networks: SQL injection exposes passwords & API keys (CVSS 7.8).
⤷ Aviatrix: Max severity flaw (CVSS 10.0) allows remote code execution.

👉 Full details: https://thehackernews.com/2025/01/major-vulnerabilities-patched-in.html

Patch systems to secure your organization.

⚠️ Hackers are impersonating cybersecurity giant CrowdStrike, tricking victims into downloading a cryptominer disguised as a recruitment tool.

🛑 In a separate campaign, cybercriminals are targeting researchers with a fake PoC for the LDAPNightmare vulnerability (CVE-2024-49113).

🔗 Stay informed and learn more: https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html

🚨 China-linked RedDelta hackers are targeting Southeast Asia, Mongolia & Taiwan with custom PlugX backdoors in a series of espionage attacks.

⤷ New tactic: Using Cloudflare CDN to mask malicious traffic
⤷ Spyware deployed: Custom PlugX backdoor

Read: https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html

⚠️ A high-severity vulnerability in Samsung's Monkey's Audio decoder (CVE-2024-49415) is putting millions of devices at risk.

🔴 No user interaction needed – attackers can exploit this flaw remotely, allowing them to execute arbitrary code on your phone.

Update your Samsung device immediately to patch this flaw.

Read details here: https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html

🚨 Shadow AI is here—and it’s putting your company at risk as employees secretly use AI tools like ChatGPT, transcription apps, and customer support bots.

Identify which apps and AI tools are in use across your organization with Reco’s detection solution—before they lead to a security incident.

Start securing your apps now: https://thehackernews.com/2025/01/product-review-how-reco-discovers.html

⚡ FunkSec, a rising ransomware group, has already hit 85+ victims, demanding ransoms as low as $10,000. What’s worse? They’re leveraging AI to rapidly evolve their attacks.

With targets like the U.S. and India, FunkSec's motives go beyond money—they are blurring the lines between hacktivism and cybercrime.

👉 Learn more: https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html

Kick off 2025 with a game plan to grow your MSP’s revenue and deliver outstanding value to your clients.

Join us on January 15 to "10x Your MSP Profits in 2025 with Automated Network Pentesting" and discover how vPenTest can help you set the tone for a successful year.

Save your spot: https://thn.news/webinar-automated-pentesting-2025

📊 Reporting is broken! Is YOUR cybersecurity reporting still a “check the box” task?

Clients don’t want to hear about firewall logs—they want to understand how YOU are safeguarding their business.

Find out how to improve it here: https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html

💰 How One U.S. Health System Cut Security Costs by 76% ...

👉 The system deployed Elisity with just 2 staff members per site, compared to 14 for traditional segmentation.

⚡ Elisity is a seamless, lightweight solution that integrates with existing switches and works with Cisco, Juniper, and Arista devices, taking less than 30 minutes to deploy without any network downtime.

Get the full details here: https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html

🛑 U.S. Justice Department indicts 3 Russian nationals involved in laundering millions through cryptocurrency mixers Blender`io and Sinbad`io.

Full details inside: https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html

🔥 Microsoft has taken legal action against hackers using stolen Azure credentials to exploit AI services like OpenAI and DALL-E for malicious purposes.

Read the full story: https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html

👀 Over 4,000 web backdoors hijacked—by registering abandoned domains for as little as $20.

🔑 Researchers gained control of backdoors targeting government & academic networks in Bangladesh, China, Nigeria, South Korea, and more!

Read now: https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html

🚨 New Vulnerability Alert!

CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalog—this time, impacting Privileged Remote Access (PRA) and Remote Support (RS).

Attackers are actively exploiting it — CVE-2024-12686.

Read more: https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html

⚠️ VMware vCenter = Goldmine for Attackers.

Attackers are exploiting root-level access with the “vpxuser” account to control ESXi infrastructure. If it’s breached, everything is at risk.

👇 Discover expert tips on strengthening your defenses and preventing catastrophic breaches: https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html

A new credit card skimmer targeting WordPress e-commerce sites has been discovered.

⤷ Malicious JavaScript code is injected into WordPress databases.
⤷ It activates ONLY on checkout pages to steal sensitive payment info.
⤷ This stealthy malware evades traditional detection tools, making it a serious threat.

This attack is incredibly difficult to spot, putting your customers' data and your reputation at risk.

🔗 Read more: https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html

⚠️ WARNING: Zero-Day Exploit Likely Behind Fortinet Attack.

Attackers created super admin accounts, hijacked SSL VPNs, and moved laterally through networks to extract credentials.

Learn more in the full article: https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html

HuiOne Guarantee, an illicit Telegram-based marketplace, has surpassed Hydra with $24B in crypto inflows.

⤷ $150K funneled from North Korea’s Lazarus hacking group 💻
⤷ Facilitating romance scams, human trafficking, and money laundering
⤷ Monthly inflows up 51% since July 2024 📈

Learn more: https://thehackernews.com/2025/01/illicit-huione-telegram-market.html

🚨 Russian cyber attackers are actively targeting Kazakhstan’s Ministry of Foreign Affairs—this isn't just a cyber attack; it’s an espionage campaign to steal sensitive political and economic data.

The attackers use infected Microsoft Office docs to bypass security and deploy powerful malware like HATVIBE—designed to remain undetected.

Learn more: https://thehackernews.com/2025/01/russian-linked-hackers-target.html