Cybercriminals are hiding malware in images, making it nearly invisible to security tools.

A harmless landscape photo 🖼️ could be carrying a payload that steals data or takes over your system. Traditional security tools miss this, leaving you exposed.

Learn how to protect your systems: https://thehackernews.com/2025/03/steganography-explained-how-xworm-hides.html

🚨 Apple just patched a zero-day under active attack!

CVE-2025-24201 lets hackers escape the WebKit sandbox—Apple calls the exploit “extremely sophisticated.”

Targeted? Unknown
Duration? Unknown

But if you use an iPhone, Mac, or Vision Pro—update NOW.

📲 Details: https://thehackernews.com/2025/03/apple-releases-patch-for-webkit-zero.html

⚡ Proactive security > Reactive fixes.

ASPM's "shift-left" approach empowers teams to prevent vulnerabilities BEFORE they spread. Don't miss out on how this could save you time and money.

🚀 Learn more in this expert webinar — https://thehacker.news/aspm-future-appsec

🚨 6,000+ fake Play Store pages exposed!

PlayPraetor Trojan malware is tricking users into downloading apps that steal banking info, intercept 2FA, and spy on you. CTM360 uncovered this global scam, where cybercriminals use realistic fake pages to hijack devices and steal data.

Protect yourself:
✅ Download from trusted stores only
✅ Check reviews & permissions
✅ Use mobile security tools

🔗 Full report: https://thehackernews.com/expert-insights/2025/03/ctm360-uncovers-large-scale-fake-play.html

🚨 UPDATE: Microsoft has uncovered major upgrades in the latest XCSSET variant:

⚠️ New persistence method – Uses dockutil to swap in a fake Launchpad app, ensuring the malware runs every time you open it.
⚠️ Stronger obfuscation – Harder to detect, harder to analyze.
⚠️ Still spreading via Xcode projects – Developers, your builds could be compromised.

This marks the first major XCSSET update since 2022—and it's more deceptive than ever. Inspect Xcode projects carefully.

🔗 More details: https://thehackernews.com/2025/02/microsoft-uncovers-new-xcsset-macos.html

🔥 Microsoft warns: 6 zero-days under active attack!

This month’s Patch Tuesday fixes 57 security flaws, including 6 exploited zero-days that attackers are already using for privilege escalation, data theft, and remote code execution.

🔹 Key threats:
CVE-2025-24985 & CVE-2025-24993 – File system flaws allowing remote code execution
CVE-2025-24983 – A Win32k zero-day used in the wild with PipeMagic malware
CVE-2025-26633 – Security bypass flaw in Microsoft Management Console

CISA has mandated patches by April 1. Don’t wait—secure your systems now!

🔗 Full patch details: https://thehackernews.com/2025/03/urgent-microsoft-patches-57-security.html

Do you know how secure your software supply chain really is?

According to ActiveState's 2025 State of Vulnerability Management and Remediation Report, DevSecOps pros signaled a 54% YoY increase in high-risk vulnerabilities—download the FREE report to learn how to stay ahead of the curve.

https://thn.news/vulnerability-report-2025

🚨 Massive SSRF Attack Surge Detected 👀

GreyNoise warns of a coordinated wave of SSRF exploits hitting at least 400 IPs—targeting U.S., Germany, Singapore, Israel, and more.

🔴 Exploiting multiple CVEs at once, including:
• CVE-2020-7796 (Zimbra, CVSS 9.8)
• CVE-2021-22175 (GitLab, CVSS 9.8)
• CVE-2023-5830 (ColumbiaSoft, CVSS 9.8)

🚀 Automated? Pre-compromise recon? Either way—patch now, restrict outbound traffic, and monitor logs.

Details: https://thehackernews.com/2025/03/over-400-ips-exploiting-multiple-ssrf.html

With a Georgetown master's you'll gain the tactical skills to plan for, respond to, and mitigate cyber security threats.


View event: https://thn.news/cyber-risk-webinar-2025-li

🚨 China-backed hackers are hitting routers—undetected.

UNC3886 is targeting Juniper Networks routers, deploying stealthy TinyShell-based backdoors to control critical infrastructure. These implants evade security, disable logs, and hijack SSH creds—all in silence. 👀

Mandiant warns: "Long-term persistence, minimal detection."

Why does this matter? Routers are now the frontline. If they’re compromised, so is everything behind them.

🔗 Details on the latest cyber espionage:
https://thehackernews.com/2025/03/chinese-hackers-breach-juniper-networks.html

🚨 UPDATE: Garantex Co-Founder ARRESTED in India!

Besciokov was caught in Thiruvananthapuram while trying to flee after a U.S. extradition request (March 10). He was vacationing in Varkala when India’s CBI moved in.

More: https://thehackernews.com/2025/03/us-secret-service-seizes-russian.html

🚨 Firefox Warning: Update Before March 14.

A critical root certificate will expire on March 14, 2025. If you’re using an old Firefox version (before 128 or ESR 115.13+), your add-ons may stop working, DRM media could break, and security features may fail.

📢 Fix it now: Update to Firefox 128+ (or ESR 115.13+) to avoid issues.

🔗 Read: https://thehackernews.com/2025/03/warning-expiring-root-certificate-may.html

🚨 Critical Alert: A severe vulnerability (CVE-2025-27363) in the FreeType font library, used by millions, is being actively exploited.

This flaw allows RCE, risking numerous systems. Affected platforms include Linux distributions, Android, and iOS.

Read: https://thehackernews.com/2025/03/meta-warns-of-freetype-vulnerability.html

Update to FreeType version 2.13.3 immediately to protect your devices. Act now!

🔴 ruby-saml Flaws Open SAML Auth to Hijacking

GitHub Security Lab found CVE-2025-25291 & CVE-2025-25292 (CVSS 8.8) in ruby-saml, allowing attackers to bypass authentication using a valid signature.

🔗 Read: https://thehackernews.com/2025/03/github-uncovers-new-ruby-saml.html

🔑 Update now or risk account takeover.

What are the top priorities for security teams in 2025? And what's threatening to derail them?

IDC asked 900+ security leaders across the US, Europe, and Australia. In a webinar on March 26, Voice of Security 2025 sponsors Tines and AWS will unpack the results.

Join them to uncover:
🔸 How AI and automation are transforming security strategies
🔸 The biggest challenges leaders face - and what’s holding them back
🔸 What drives job satisfaction (and frustration) in security leadership
🔸 Where tooling helps vs. where it’s adding to the pain
🔸 What leaders look for when hiring security analysts

Sign up for a deep dive into the data: https://thn.news/voice-of-security-2025-x

🚨 A never-before-seen Android spyware KoSpy is targeting Korean & English users—stealing texts, calls, files & more.

Masquerading as legit apps on Google Play, KoSpy operated undetected for 2 years (2022-2024). Now linked to APT27 & Kimsuky.

Meanwhile, North Korean hackers are also infiltrating npm packages & crypto wallets—deploying RustDoor, BeaverTail & Koi Stealer.

Find out here: https://thehackernews.com/2025/03/north-koreas-scarcruft-deploys-kospy.html

🚨 Microsoft Warns: Fake Booking[.]com Emails Deploying Malware!

Hackers are using a new social engineering trick—ClickFix—to target the hospitality sector. Victims unknowingly copy-paste a command that launches data-stealing malware.

⚠️ How the scam works:
🔹 Fake Booking[.]com email → "Bad review alert!"
🔹 Clicks lead to a fake CAPTCHA
🔹 Trick: Victim pastes a malicious command = Instant infection

🔎 Who’s behind it? A cybercrime group Storm-1865—now using the same tactics as Russian & Iranian hackers.

🔗 More details: https://thehackernews.com/2025/03/microsoft-warns-of-clickfix-phishing.html

🚨 Backups are failing when it matters most.

🔹 Only 40% of IT teams trust their backups
🔹 Downtime costs $14K/min
🔹 60% think they can recover in a day—only 35% do
🔹 94% of ransomware victims have backups targeted

IT leaders must act now. See the State of Backup & Recovery 2025 for key risks & solutions.

Read now: https://thehackernews.com/2025/03/bcdr-2025-trends-and-challenges-for-msps-and-it-teams.html

🚨 New Malware Alert | OBSCURE#BAT 🦇
Hackers are using fake CAPTCHA pages & Trojanized software (Tor, VoIP apps) to spread the r77 rootkit—hiding files, evading antivirus, and persisting after reboot.

🎭 Targets: 🇺🇸🇨🇦🇬🇧🇩🇪 🛠️ Techniques: Obfuscated batch scripts, AMSI bypass, API hooking 🔍 Stealthy & dangerous—already in the wild!

Read more: https://thehackernews.com/2025/03/obscurebat-malware-uses-fake-captcha.html

🏴‍☠️ Pirates Beware!

Downloading cracked software? You might be installing MassJacker—a new clipper malware hijacking crypto transactions.

🔹 778,531 attacker-controlled wallets
🔹 $336,700 in stolen funds
🔹 Hides inside pirated downloads from pesktop[.]com

Your clipboard isn't safe. Copy a wallet address? It swaps it with the hacker’s.

🔗 Full story: https://thehackernews.com/2025/03/new-massjacker-malware-targets-piracy.html

🔒 GSMA is bringing end-to-end encryption (E2EE) to RCS messages between Android & iOS. That means private, secure chats—no matter the device.

This comes right after Apple agreed to support RCS in iOS 18. Until now, Google encrypted RCS in its Messages app, but cross-platform chats were left exposed.

🔗 Read more: https://thehackernews.com/2025/03/gsma-confirms-end-to-end-encryption-for.html