🚨 Hackers are poisoning PyPI again. Devs, check your dependencies NOW!
Cybercriminals planted 20 fake Python packages on PyPI—stealing cloud access tokens from AWS, Alibaba Cloud, and Tencent Cloud. These packages, disguised as "time" utilities, racked up 14,100+ downloads before removal.
👀 One even snuck into a GitHub project with 519 stars and 42 forks.
🔗 Read more: https://thehackernews.com/2025/03/malicious-pypi-packages-stole-cloud.html
Cybercriminals planted 20 fake Python packages on PyPI—stealing cloud access tokens from AWS, Alibaba Cloud, and Tencent Cloud. These packages, disguised as "time" utilities, racked up 14,100+ downloads before removal.
👀 One even snuck into a GitHub project with 519 stars and 42 forks.
🔗 Read more: https://thehackernews.com/2025/03/malicious-pypi-packages-stole-cloud.html
👏19😁11🔥10🤯8👍7⚡3🤔1
🚨 WARNING: A supply chain attack hit tj-actions/changed-files, a GitHub Action used by 23,000+ repos—exposing AWS keys, PATs, and RSA keys in CI/CD logs.
👀 Affected? Update to v46.0.1 NOW and Audit workflows for leaks.
🔗 Read more: https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html
👀 Affected? Update to v46.0.1 NOW and Audit workflows for leaks.
🔗 Read more: https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html
👍12🤯3🤔2🔥1
👀 Your email client might be leaking more than you think...
Hackers are exploiting CSS to bypass spam filters and track users without JavaScript.
🚨 Cisco Talos warns that attackers use CSS properties like media, text-indent, and opacity to hide phishing content and fingerprint victims.
Stay ahead—learn how at https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html.
Hackers are exploiting CSS to bypass spam filters and track users without JavaScript.
🚨 Cisco Talos warns that attackers use CSS properties like media, text-indent, and opacity to hide phishing content and fingerprint victims.
Stay ahead—learn how at https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html.
🔥17👍4😁4🤔1
🚨 Cloud ransomware is evolving—your security settings won’t save you.
66% of cloud storage buckets hold sensitive data. Attackers now exploit legit AWS & Azure features to lock you out.
🔹 Block risky encryption methods
🔹 Enable backups & versioning (not default!)
🔹 Lock down IAM policies
The cloud won’t save you—take action now.
🎥 Read & Watch: https://thehackernews.com/2025/03/sans-institute-warns-of-novel-cloud.html
66% of cloud storage buckets hold sensitive data. Attackers now exploit legit AWS & Azure features to lock you out.
🔹 Block risky encryption methods
🔹 Enable backups & versioning (not default!)
🔹 Lock down IAM policies
The cloud won’t save you—take action now.
🎥 Read & Watch: https://thehackernews.com/2025/03/sans-institute-warns-of-novel-cloud.html
👍15
🚨 Old Cameras, New Threats 🔥
A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices into Mirai botnet soldiers for massive DDoS strikes.
Default creds (admin:1234) = easy pickings for attackers
🔗 Details: https://thehackernews.com/2025/03/unpatched-edimax-camera-flaw-exploited.html
A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices into Mirai botnet soldiers for massive DDoS strikes.
Default creds (admin:1234) = easy pickings for attackers
🔗 Details: https://thehackernews.com/2025/03/unpatched-edimax-camera-flaw-exploited.html
🔥18👍4
🚨 Last Week in Cybersecurity...
Routers hacked, malicious PyPI packages detected, new ransomware decryptors released, and major threats uncovered.
Read: https://thehackernews.com/2025/03/thn-weekly-recap-router-hacks-pypi.html
Stay informed—stay secure. #THNWeeklyRecap
Routers hacked, malicious PyPI packages detected, new ransomware decryptors released, and major threats uncovered.
Read: https://thehackernews.com/2025/03/thn-weekly-recap-router-hacks-pypi.html
Stay informed—stay secure. #THNWeeklyRecap
😁14⚡8👏4
🚨 Apache Tomcat Under Attack.
Hackers are actively exploiting CVE-2025-24813 just 30 hours after disclosure.
🔹 RCE & Info Disclosure Risk
🔹 No Authentication Needed
🔹 Attackers Upload & Execute Malicious Files
⚠️ Delaying could mean backdoors, config tampering & full compromise.
Read: https://thehackernews.com/2025/03/apache-tomcat-vulnerability-comes-under.html
Don’t wait—secure your systems NOW
Hackers are actively exploiting CVE-2025-24813 just 30 hours after disclosure.
🔹 RCE & Info Disclosure Risk
🔹 No Authentication Needed
🔹 Attackers Upload & Execute Malicious Files
⚠️ Delaying could mean backdoors, config tampering & full compromise.
Read: https://thehackernews.com/2025/03/apache-tomcat-vulnerability-comes-under.html
Don’t wait—secure your systems NOW
😁25🔥15👍11🤯4👏1🤔1
This media is not supported in your browser
VIEW IN TELEGRAM
💀 New Malware Alert — Microsoft warns of StilachiRAT, a stealthy remote access trojan that:
🔹 Steals browser passwords & clipboard data
🔹 Targets crypto wallets
🔹 Executes remote commands & monitors RDP sessions
🔹 Evades detection by clearing event logs
Read: https://thehackernews.com/2025/03/microsoft-warns-of-stilachirat-stealthy.html
🕵️♂️ No known actor yet, but it’s spreading. Protect your assets NOW.
🔹 Steals browser passwords & clipboard data
🔹 Targets crypto wallets
🔹 Executes remote commands & monitors RDP sessions
🔹 Evades detection by clearing event logs
Read: https://thehackernews.com/2025/03/microsoft-warns-of-stilachirat-stealthy.html
🕵️♂️ No known actor yet, but it’s spreading. Protect your assets NOW.
👍21🤔7😱6
⚠️ Your Device Might Be Part of the Largest CTV Botnet Ever!
Cybercriminals are exploiting cheap Android devices to build a massive botnet for:
🔹 Ad fraud & fake clicks
🔹 Residential proxy abuse
🔹 DDoS attacks & account takeovers
🔹 Hidden malware pre-installed in devices
Learn more: https://thehackernews.com/2025/03/badbox-20-botnet-infects-1-million.html
💀 1M+ devices infected worldwide, mostly in Brazil, US, & Mexico. Google removed 24 malicious apps, but the operation is still evolving.
Cybercriminals are exploiting cheap Android devices to build a massive botnet for:
🔹 Ad fraud & fake clicks
🔹 Residential proxy abuse
🔹 DDoS attacks & account takeovers
🔹 Hidden malware pre-installed in devices
Learn more: https://thehackernews.com/2025/03/badbox-20-botnet-infects-1-million.html
💀 1M+ devices infected worldwide, mostly in Brazil, US, & Mexico. Google removed 24 malicious apps, but the operation is still evolving.
😁16👍5
🚨 China-linked MirrorFace just carried out a stealthy attack on a European diplomatic group—using:
🔹 ANEL backdoor—revived after 6 years
🔹 AsyncRAT & HiddenFace malware
🔹 Stealthy access via VS Code Remote Tunnels
Learn more: https://thehackernews.com/2025/03/china-linked-mirrorface-deploys-anel.html
🔹 ANEL backdoor—revived after 6 years
🔹 AsyncRAT & HiddenFace malware
🔹 Stealthy access via VS Code Remote Tunnels
Learn more: https://thehackernews.com/2025/03/china-linked-mirrorface-deploys-anel.html
🤔16😁7👏5🔥3⚡1👍1
What are the essential skills security analysts need to succeed?
IDC's latest survey of 900+ security leaders reveals the top five.
Uncover these and more findings in a live webinar with sponsors Tines and AWS.
Sign up to attend: https://thn.news/voice-of-security-2025-tw
IDC's latest survey of 900+ security leaders reveals the top five.
Uncover these and more findings in a live webinar with sponsors Tines and AWS.
Sign up to attend: https://thn.news/voice-of-security-2025-tw
👍11👏2😁2🤔2
🚨 331 Malicious Android Google Play Apps, 60 Million+ Downloads!
The Vapor scam used:
🔹 Full-screen ads—locking devices
🔹 Phishing attacks—stealing credentials & credit cards
🔹 Hidden icons & impersonation—evading detection
🔹 Versioning tricks—turning clean apps malicious later
⚠️ Check your phone NOW. Delete suspicious apps!
🔗 Full details — https://thehackernews.com/2025/03/new-ad-fraud-campaign-exploits-331-apps.html
The Vapor scam used:
🔹 Full-screen ads—locking devices
🔹 Phishing attacks—stealing credentials & credit cards
🔹 Hidden icons & impersonation—evading detection
🔹 Versioning tricks—turning clean apps malicious later
⚠️ Check your phone NOW. Delete suspicious apps!
🔗 Full details — https://thehackernews.com/2025/03/new-ad-fraud-campaign-exploits-331-apps.html
🤔12🔥6👏4😁3⚡1
🚨 Critical AMI BMC Vulnerability (CVE-2024-54085) – CVSS 10.0!
A severe authentication bypass flaw allows attackers to:
🔹 Remotely control servers & deploy malware
🔹 Tamper with firmware, brick motherboards & cause reboot loops
🔹 Potentially damage hardware
⚠️ Affected: HPE, ASUS, ASRockRack & more
🔗 Read more: https://thehackernews.com/2025/03/new-critical-ami-bmc-vulnerability.html
📢 Admins: Patch ASAP! Patches released (March 11, 2025), OEM updates required.
A severe authentication bypass flaw allows attackers to:
🔹 Remotely control servers & deploy malware
🔹 Tamper with firmware, brick motherboards & cause reboot loops
🔹 Potentially damage hardware
⚠️ Affected: HPE, ASUS, ASRockRack & more
🔗 Read more: https://thehackernews.com/2025/03/new-critical-ami-bmc-vulnerability.html
📢 Admins: Patch ASAP! Patches released (March 11, 2025), OEM updates required.
👍9😁5🤯3
🚨 WARNING: Windows Zero-Day!
A still-unpatched flaw (ZDI-CAN-25373) in Windows has been actively exploited since 2017 by state-backed hackers from China, Russia, Iran & North Korea for cyber espionage & data theft.
🔹 1,000+ malicious .LNK files discovered
🔹 Targets: Governments, banks, telecoms, defense sectors
Learn more: https://thehackernews.com/2025/03/unpatched-windows-zero-day-flaw.html
Microsoft won’t release a patch, citing “low severity”
A still-unpatched flaw (ZDI-CAN-25373) in Windows has been actively exploited since 2017 by state-backed hackers from China, Russia, Iran & North Korea for cyber espionage & data theft.
🔹 1,000+ malicious .LNK files discovered
🔹 Targets: Governments, banks, telecoms, defense sectors
Learn more: https://thehackernews.com/2025/03/unpatched-windows-zero-day-flaw.html
Microsoft won’t release a patch, citing “low severity”
🤯20😁8⚡4👍3👏3
🔥 Breaking: Google is acquiring cloud security firm Wiz for $32 Billion—its largest deal in history.
💰 Largest acquisition in Google’s history
🛡️ Boosts AI-powered cloud security
🌍 Wiz remains independent, still working with AWS, Azure, Oracle
https://thehackernews.com/2025/03/google-acquires-wiz-for-32-billion-in.html
💰 Largest acquisition in Google’s history
🛡️ Boosts AI-powered cloud security
🌍 Wiz remains independent, still working with AWS, Azure, Oracle
https://thehackernews.com/2025/03/google-acquires-wiz-for-32-billion-in.html
😱22🔥9👍6⚡2
🚨 Android Threat Hunters, Your Job Just Got Easier!
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://thn.news/malware-sandbox-android-tg
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://thn.news/malware-sandbox-android-tg
👍21🔥13😱3
🚨 Is Your Okta Environment Secure? Even with best practices, misconfigurations and identity sprawl can leave your system exposed.
⚠️ Key risks:
➝ Inactive admin accounts & weak MFA
➝ Misconfigured security settings
➝ Forgotten API tokens granting access
➝ Lingering access for ex-employees
🔗 Learn how to protect your identity infrastructure: https://thehackernews.com/2025/03/how-to-improve-okta-security-in-four.html
⚠️ Key risks:
➝ Inactive admin accounts & weak MFA
➝ Misconfigured security settings
➝ Forgotten API tokens granting access
➝ Lingering access for ex-employees
🔗 Learn how to protect your identity infrastructure: https://thehackernews.com/2025/03/how-to-improve-okta-security-in-four.html
👍9
🛑 New Rules File Backdoor attack lets hackers poison AI-powered tools like GitHub Copilot & Cursor, injecting hidden malicious code into projects.
🔹 Invisible backdoors via Unicode tricks
🔹 Supply chain risk—spreads across repos
🔹 No alerts—developers unknowingly ship compromised code
Review AI-generated code carefully—your “trusted assistant” might be compromised.
🔗 Learn more: https://thehackernews.com/2025/03/new-rules-file-backdoor-attack-lets.html
🔹 Invisible backdoors via Unicode tricks
🔹 Supply chain risk—spreads across repos
🔹 No alerts—developers unknowingly ship compromised code
Review AI-generated code carefully—your “trusted assistant” might be compromised.
🔗 Learn more: https://thehackernews.com/2025/03/new-rules-file-backdoor-attack-lets.html
👍16😁1🤯1
🚨 GitHub Actions are under attack!
A supply chain attack hit tj-actions/changed-files, leaking AWS keys, GitHub PATs & more. CISA confirms active exploitation.
🔹 CVE-2025-30066 (CVSS 8.6)
🔹 Attack spread via another compromised Action
🔹 Sensitive secrets exposed via logs
Details: https://thehackernews.com/2025/03/cisa-warns-of-active-exploitation-in.html
⚠️ Rotate secrets, audit workflows, pin actions to commits—this won’t be the last attack.
A supply chain attack hit tj-actions/changed-files, leaking AWS keys, GitHub PATs & more. CISA confirms active exploitation.
🔹 CVE-2025-30066 (CVSS 8.6)
🔹 Attack spread via another compromised Action
🔹 Sensitive secrets exposed via logs
Details: https://thehackernews.com/2025/03/cisa-warns-of-active-exploitation-in.html
⚠️ Rotate secrets, audit workflows, pin actions to commits—this won’t be the last attack.
🤯18🔥7👍3😁3
🚨 Critical SCADA Flaws — Researchers uncovered 2 critical vulnerabilities (CVSS 9.3) in mySCADA myPRO, allowing attackers to execute system commands & hijack operations.
🔹 CVE-2025-20014 & CVE-2025-20061
🔹 Full Industrial Network Compromise Possible
Details here: https://thehackernews.com/2025/03/critical-myscada-mypro-flaws-could-let.html
🔹 CVE-2025-20014 & CVE-2025-20061
🔹 Full Industrial Network Compromise Possible
Details here: https://thehackernews.com/2025/03/critical-myscada-mypro-flaws-could-let.html
👍17🤯4⚡2🔥1🤔1
🚨 ClearFake Malware Spreading Fast!
Hackers use fake reCAPTCHA & Cloudflare checks to deploy Lumma & Vidar Stealer malware.
🔹 9,300+ infected sites
🔹 200,000+ users exposed (July 2024)
🔹 Now using Binance Smart Chain for stealth
Learn more: https://thehackernews.com/2025/03/clearfake-infects-9300-sites-uses-fake.html
Hackers use fake reCAPTCHA & Cloudflare checks to deploy Lumma & Vidar Stealer malware.
🔹 9,300+ infected sites
🔹 200,000+ users exposed (July 2024)
🔹 Now using Binance Smart Chain for stealth
Learn more: https://thehackernews.com/2025/03/clearfake-infects-9300-sites-uses-fake.html
⚡12👍9🤔8