🚨 Microsoft has issued critical patches for two major security flaws in Azure AI Face Service and Microsoft Account.

These vulnerabilities could let attackers escalate their privileges without authorization, exposing critical infrastructure.

While patched, CVE-2025-21415 had a public exploit.

Learn more: https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html

🚨 A new flaw (CVE-2024-56161) in AMD SEV could allow attackers to load malicious CPU microcode on vulnerable systems.

It exploits improper signature verification, allowing attackers local admin access to tamper with microcode.

Read more: https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html

🔒 Taiwan Bans DeepSeek AI Due to National Security Risks.

Concern? Cross-border data transmission can compromise sensitive government and critical infrastructure data.

Meanwhile, in just three days, DeepSeek faced multiple waves of DDoS attacks.

Learn more: https://thehackernews.com/2025/02/taiwan-bans-deepseek-ai-over-national.html

🚨 Cyberattacks on cloud infrastructures are evolving fast, and your current security measures may not be enough.

AI-driven workflows and massive data migrations are expanding attack surfaces. Cloud security isn’t just about detection anymore – it’s about prevention.

Read how cloud security will transform in 2025 and beyond: https://thehackernews.com/2025/02/watch-out-for-these-8-cloud-security.html

⚠️ FERRET malware targets macOS users through job scam.

North Korean hackers pose as recruiters on LinkedIn to lure victims. A fake "software update" compromises your system, steals data, and drains your crypto wallet.

Learn more: https://thehackernews.com/2025/02/north-korean-hackers-deploy-ferret.html

🔐 Russian cybercriminals are exploiting new 7-Zip vulnerability (CVE-2025-0411) to target Ukrainian organizations.

This flaw bypasses Windows' MotW protections, allowing remote code execution via malicious archives.

Learn more about the exploit: https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html

Python vs. no-code for security automation - a side-by-side breakdown 🔎

Security teams sometimes debate whether to write custom Python scripts or use a no-code platform like Tines for SOAR. Both have their advantages - but how do they compare in real-world automation?

In this blog post, security researcher Conor Dunne shares:

💡 The security, maintenance, and performance trade-offs of each approach
💡 A side-by-side comparison of core automation components - HTTP requests, webhooks, scheduling, and more
💡 A real-world case study: automating a Slack news feed

Read the blog post: https://thn.news/tines-python-automation-fb

🚨 Alert! A malicious package targeting the Go ecosystem has backdoored countless systems—giving hackers remote access.

Despite changes to the original GitHub repository, the malicious version persisted, targeting unsuspecting developers.

👉 Learn more: https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html

⚠️ A newly disclosed vulnerability in Microsoft SharePoint connector could have allowed attackers to harvest user credentials and launch attacks across Power Automate, Power Apps, and Copilot 365.

Learn more: https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html

🔴 CISA warns of critical actively exploited security flaws in popular enterprise software.

This includes high-severity vulnerabilities in Apache OFBiz, Microsoft .NET Framework, and Paessler PRTG Network Monitor.

Act before it’s too late.

Read: https://thehackernews.com/2025/02/cisa-adds-four-actively-exploited.html

⚠️ Managing Active Directory (AD) and Entra ID in hybrid environments? You might be exposing your organization to critical vulnerabilities. Here’s why:

⤷ Privilege Sprawl from mergers, mobility, and acquisitions
⤷ Standing Privileges create unmonitored opportunities for attackers to exploit
⤷ Manual systems can't keep up with the growing complexity

🔧 Automate your identity management—save time and reduce human error.

👉 Get the Full Guide: https://thehackernews.com/expert-insights/2025/02/using-roles-and-attributes-to-protect.html

🚨 ALERT: AsyncRAT Strikes Using Dropbox & TryCloudflare

⤷ Phishing emails start the chain, leading to AsyncRAT and other malware.
⤷ Hackers are now using Dropbox URLs and TryCloudflare tunnels to hide malicious activity.
⤷ Python payloads launch a multi-stage attack, making detection nearly impossible.

Check out details: https://thehackernews.com/2025/02/asyncrat-campaign-uses-python-payloads.html

🚨 Vulnerability Assessments Soar in 2024. 24% of organizations now conduct assessments more than 4 times a year—up from 15% in 2023!

This shift to continuous monitoring means faster responses to threats and stronger defenses.

How is your organization keeping up? 👇 Explore the full report now: https://thehackernews.com/2025/02/navigating-future-key-it-vulnerability.html

🛑 Security Alert for Veeam Users! CVE-2025-23114 has a CVSS score of 9.0.

This new critical Man-in-the-Middle attack could allow hackers to execute arbitrary code on your servers.

✅ Fix is Available! Check out the details here: https://thehackernews.com/2025/02/new-veeam-flaw-allows-arbitrary-code.html

🔒 Silent Lynx's Multi-Stage Attack Exposed: Targeting Embassies, Law Firms, and Banking Institutions

The group leverages RAR files, C++ binaries, and PowerShell scripts to infiltrate systems and exfiltrate sensitive data.

Read the full article here: https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html

🔒 Hackers are exploiting tools like Axios and Node Fetch to take over Microsoft 365 accounts—targeting high-value employees across industries like finance, healthcare, and IT.

Attack volume spiked to over 13 million login attempts in one password spraying campaign.

Read the full report: https://thehackernews.com/2025/02/cybercriminals-use-axios-and-node-fetch.html

🚨 WARNING: Infamous North Korea-linked Lazarus Group is using fake job offers to spread cross-platform malware—targeting crypto and travel industries.

🏡✈️ Fake recruiter offers remote positions in crypto/travel
📄 Victims send personal info (CVs, GitHub links)
‼️ Attackers deploy a JavaScript data stealer and Python backdoor

This is a complex attack chain that can give attackers persistent remote access to your systems.

Learn more: https://thehackernews.com/2025/02/cross-platform-javascript-stealer.html

🔴 Hacktivism has evolved – from political protest to full-blown cyber warfare. The latest surge in DDoS attacks is shaking both the public and private sectors.

These attacks are not just about disruption—they're designed to manipulate public opinion and disrupt elections. Now's the time to be aware.

Want to know how geopolitics is shaping the cyber landscape? Read the full analysis now:

https://thehackernews.com/expert-insights/2025/02/hacking-in-name-of.html

🛑 Cisco just patched two critical vulnerabilities in Identity Services Engine (ISE) that could allow attackers to execute arbitrary commands and escalate privileges remotely.

⚠️ CVE-2025-20124 & CVE-2025-20125 carry CVSS scores of 9.9 and 9.1.

Read — https://thehackernews.com/2025/02/cisco-patches-critical-ise.html

🛑 North Korea-linked Kimsuky hacking group now using forceCopy, a new info-stealer malware targeting browser credentials.

Spear-phishing emails trick victims into opening disguised Windows shortcut files. PowerShell and mshta.exe trigger malware download, leading to deeper infection.

👉 Read More: https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html

🚨 New malware campaign "SparkCat" has been discovered on Apple and Google app stores, using OCR to target crypto wallet recovery phrases.

Read the full report: https://thehackernews.com/2025/02/sparkcat-malware-uses-ocr-to-extract.html