🚨 Microsoft just launched built-in AI data leak protection.
Edge for Business now blocks sensitive info from being typed into ChatGPT, Gemini & more.
Also out:
✅ 11 new Security Copilot AI agents
✅ Stronger phishing defense in Teams
🔗 Details here: https://thehackernews.com/2025/03/microsoft-adds-inline-data-protection.html
Edge for Business now blocks sensitive info from being typed into ChatGPT, Gemini & more.
Also out:
✅ 11 new Security Copilot AI agents
✅ Stronger phishing defense in Teams
🔗 Details here: https://thehackernews.com/2025/03/microsoft-adds-inline-data-protection.html
👏9👍6🤔6🔥4😁2
🚨 WARNING: 43% of cloud setups at risk from new "IngressNightmare" flaws.
Unauth RCE in Ingress NGINX Controller for Kubernetes could let attackers take over entire clusters—no creds needed. Over 6,500 exposed.
🔥 CVSS 9.8 | 5 CVEs | 1 attack chain | Total cluster compromise.
Patch now → Versions 1.12.1, 1.11.5, 1.10.7 Disable admission controller if not needed Lock down external access to webhooks
This isn’t the NGINX Ingress Controller you think it is.
👉 Full details + fixes → https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html
Unauth RCE in Ingress NGINX Controller for Kubernetes could let attackers take over entire clusters—no creds needed. Over 6,500 exposed.
🔥 CVSS 9.8 | 5 CVEs | 1 attack chain | Total cluster compromise.
Patch now → Versions 1.12.1, 1.11.5, 1.10.7 Disable admission controller if not needed Lock down external access to webhooks
This isn’t the NGINX Ingress Controller you think it is.
👉 Full details + fixes → https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html
👍20🔥4🤔3
🚨 306 arrests. 1,842 devices seized. 7 countries.
Operation Red Card (Nov 2024–Feb 2025) exposed scam networks targeting over 5,000 victims through fake investments, SMS phishing & hijacked banking apps.
👥 Nigeria: 130 arrested — 113 were foreign nationals
📲 South Africa: Over 1,000 SIMs seized
💰 Rwanda: $305K stolen via social engineering
💀 Some scammers were human trafficking victims forced into fraud
🔗 Learn more: https://thehackernews.com/2025/03/interpol-arrests-306-suspects-seizes.html
Operation Red Card (Nov 2024–Feb 2025) exposed scam networks targeting over 5,000 victims through fake investments, SMS phishing & hijacked banking apps.
👥 Nigeria: 130 arrested — 113 were foreign nationals
📲 South Africa: Over 1,000 SIMs seized
💰 Rwanda: $305K stolen via social engineering
💀 Some scammers were human trafficking victims forced into fraud
🔗 Learn more: https://thehackernews.com/2025/03/interpol-arrests-306-suspects-seizes.html
👍21👏13😁4🤯4🤔1
🚨 Malware Alert! Hackers are using Microsoft’s .NET MAUI to build fake banking & social apps targeting Indian and Chinese users.
🎯 Targets include banks, X (Twitter), and photo apps.
🧠 Malware hides in app buttons—stealing info when tapped.
⚠️ .NET MAUI was built for good. Attackers are turning it into a weapon.
🔗 Full McAfee report → https://thehackernews.com/2025/03/hackers-use-net-maui-to-target-indian.html
🎯 Targets include banks, X (Twitter), and photo apps.
🧠 Malware hides in app buttons—stealing info when tapped.
⚠️ .NET MAUI was built for good. Attackers are turning it into a weapon.
🔗 Full McAfee report → https://thehackernews.com/2025/03/hackers-use-net-maui-to-target-indian.html
🤯8🤔4👍2😁2
👀 Using Microsoft 365? You might have 1,000+ connected apps—and not even know it.
Most users guess they have fewer than 10. The reality? That’s a huge blind spot.
AI, not humans, is the only way to secure SaaS at scale.
🔍 AskOmni makes it simple, learn how: https://thehackernews.com/2025/03/ai-powered-saas-security-keeping-pace.html
Most users guess they have fewer than 10. The reality? That’s a huge blind spot.
AI, not humans, is the only way to secure SaaS at scale.
🔍 AskOmni makes it simple, learn how: https://thehackernews.com/2025/03/ai-powered-saas-security-keeping-pace.html
👍12🔥6😁5🤯4
👀 They hid for 4 YEARS.
Chinese state-backed hackers quietly lived inside a major Asian telecom, siphoning sensitive data via stealth tools like INMemory—a web shell that leaves zero forensic trace.
Meanwhile, China accused 4 Taiwanese ICEFCOM hackers of cyberattacks—Taiwan denies it.
🔗 Details here: https://thehackernews.com/2025/03/chinese-hackers-breach-asian-telecom.html
Chinese state-backed hackers quietly lived inside a major Asian telecom, siphoning sensitive data via stealth tools like INMemory—a web shell that leaves zero forensic trace.
Meanwhile, China accused 4 Taiwanese ICEFCOM hackers of cyberattacks—Taiwan denies it.
🔗 Details here: https://thehackernews.com/2025/03/chinese-hackers-breach-asian-telecom.html
🤯25👍10😁7
🚨 One IP. 180+ C2 domains. One malware: Raspberry Robin.
This Russia-linked botnet is back—smarter, stealthier, and spreading fast.
Used by ransomware gangs + nation-state actors like Cadet Blizzard via USBs, Discord, and fast-flux C2s.
Not just a worm—it's a launchpad for LockBit, Dridex, Clop, and more.
🔗 Full report: https://thehackernews.com/2025/03/researchers-uncover-200-unique-c2.html
This Russia-linked botnet is back—smarter, stealthier, and spreading fast.
Used by ransomware gangs + nation-state actors like Cadet Blizzard via USBs, Discord, and fast-flux C2s.
Not just a worm—it's a launchpad for LockBit, Dridex, Clop, and more.
🔗 Full report: https://thehackernews.com/2025/03/researchers-uncover-200-unique-c2.html
👍18😱8😁4
🚨 Broadcom just patched CVE-2025-22230, a 7.8 CVSS auth bypass in VMware Tools for Windows (v11.x.x & 12.x.x). No workaround. Fixed in v12.5.1—patch now.
Also: CrushFTP v10 & v11 hit by unauth’d HTTP(S) access bug. Not actively exploited, but still dangerous.
🔗 Full details + patch links: https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html
Also: CrushFTP v10 & v11 hit by unauth’d HTTP(S) access bug. Not actively exploited, but still dangerous.
🔗 Full details + patch links: https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html
😁14👍4⚡3👏1
🚨 Chrome zero-day exploited in the wild...
Google patches CVE-2025-2783, a high-severity flaw in Chrome for Windows—actively used in attacks on Russian orgs.
👀 Update Chrome now | Details: https://thehackernews.com/2025/03/zero-day-alert-google-releases-chrome.html
Google patches CVE-2025-2783, a high-severity flaw in Chrome for Windows—actively used in attacks on Russian orgs.
👀 Update Chrome now | Details: https://thehackernews.com/2025/03/zero-day-alert-google-releases-chrome.html
👍17😁10😱7⚡3
🔥 Cybercriminals are using one tool to break into millions of accounts.
Atlantis AIO automates credential stuffing—testing real stolen logins across 140+ platforms like Gmail, Netflix, PayPal & DoorDash.
It’s fast, stealthy, and sold with “thousands of satisfied clients.”
Not brute force—these are your leaked passwords reused.
🔗 Full report: https://thehackernews.com/2025/03/hackers-using-e-crime-tool-atlantis-aio.html
Atlantis AIO automates credential stuffing—testing real stolen logins across 140+ platforms like Gmail, Netflix, PayPal & DoorDash.
It’s fast, stealthy, and sold with “thousands of satisfied clients.”
Not brute force—these are your leaked passwords reused.
🔗 Full report: https://thehackernews.com/2025/03/hackers-using-e-crime-tool-atlantis-aio.html
🤯16👍4😁3🤔3
Your DDoS protection is lying to you.
Even “basic” DDoS attacks are breaking through so-called advanced protections. In 2024 alone: 25M+ attacks — a 53% spike year-over-year.
Why? Because the real vulnerabilities are inside the protections themselves—hidden policy gaps no one checks.
🔥 Matthew Andriani, CEO of Mazebolt, spent 100K+ hours simulating real attacks. The verdict? Every org had blind spots. No alerts. No logs. Just downtime.
✅ Check your blind spots in 3 mins: https://thehackernews.com/expert-insights/2025/03/the-surprising-gap-in-ddos-protections.html
Even “basic” DDoS attacks are breaking through so-called advanced protections. In 2024 alone: 25M+ attacks — a 53% spike year-over-year.
Why? Because the real vulnerabilities are inside the protections themselves—hidden policy gaps no one checks.
🔥 Matthew Andriani, CEO of Mazebolt, spent 100K+ hours simulating real attacks. The verdict? Every org had blind spots. No alerts. No logs. Just downtime.
✅ Check your blind spots in 3 mins: https://thehackernews.com/expert-insights/2025/03/the-surprising-gap-in-ddos-protections.html
🔥13😁7👍5👏4
INSIDERS, not hackers, cause the most damage.
📈 57% of companies face 20+ insider incidents a year
💸 Avg cost? $4.99M per breach (IBM 2024)
Even the U.S. Treasury slipped—staff got unintended access to critical systems in Dec '24.
PAM stops this.
🔐 Just-in-time access
🧠 Identity-first control
⚡ Real-time threat response
👉 See how Syteca helps → https://thehackernews.com/2025/03/how-pam-mitigates-insider-threats.html
Before access turns into a threat—secure it.
📈 57% of companies face 20+ insider incidents a year
💸 Avg cost? $4.99M per breach (IBM 2024)
Even the U.S. Treasury slipped—staff got unintended access to critical systems in Dec '24.
PAM stops this.
🔐 Just-in-time access
🧠 Identity-first control
⚡ Real-time threat response
👉 See how Syteca helps → https://thehackernews.com/2025/03/how-pam-mitigates-insider-threats.html
Before access turns into a threat—secure it.
👍15🤔3👏2🤯2
🚨 A new kind of npm malware just dropped—and it infects other packages.
Two rogue packages—ethers-provider2 and ethers-providerz—silently patched the legit ethers library to deploy a reverse shell.
Uninstalling won’t help. The malicious code persists, waiting to reinfect when ethers is reinstalled. Even deleted files don’t stop it.
🔗 Learn more: https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html
Two rogue packages—ethers-provider2 and ethers-providerz—silently patched the legit ethers library to deploy a reverse shell.
Uninstalling won’t help. The malicious code persists, waiting to reinfect when ethers is reinstalled. Even deleted files don’t stop it.
🔗 Learn more: https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html
👍12🤯10🤔2😱1
Cyber Strikes & Security Insights: Join Vanta at an RSA Happy Hour
Going to RSA? Join Vanta and CISO Series host David Spark for a night of networking, bowling, and games at Lucky Strike’s Einstein Room.
Whether you’re looking to connect with fellow cybersecurity pros, kick off your RSA week with fun, or just see who can throw the best (or worst) strike, this is the place to be.
✓ Mix and mingle with top security professionals
✓ Bowl a few frames (or just cheer from the sidelines)
✓ Enjoy food, drinks, and great conversations
✓ Get insights on the latest in cybersecurity
Space is limited, so grab your spot now: https://thn.news/lucky-security-community-s
Going to RSA? Join Vanta and CISO Series host David Spark for a night of networking, bowling, and games at Lucky Strike’s Einstein Room.
Whether you’re looking to connect with fellow cybersecurity pros, kick off your RSA week with fun, or just see who can throw the best (or worst) strike, this is the place to be.
✓ Mix and mingle with top security professionals
✓ Bowl a few frames (or just cheer from the sidelines)
✓ Enjoy food, drinks, and great conversations
✓ Get insights on the latest in cybersecurity
Space is limited, so grab your spot now: https://thn.news/lucky-security-community-s
👍5😁2
🥊 A good defense isn’t built in silence—it’s battle-tested.
Most orgs test their cyber defenses once a year—maybe twice. That’s like a boxer only sparring before a title fight. Gaps grow. Intuition dulls. Defenses drift.
Real resilience requires pressure. Continuous, automated pentesting simulates real attacks—frequently and affordably.
🔥 Your next test shouldn't be the real breach.
Automate, simulate, adapt. Learn how → https://thehackernews.com/2025/03/sparring-in-cyber-ring-using-automated.html
Most orgs test their cyber defenses once a year—maybe twice. That’s like a boxer only sparring before a title fight. Gaps grow. Intuition dulls. Defenses drift.
Real resilience requires pressure. Continuous, automated pentesting simulates real attacks—frequently and affordably.
🔥 Your next test shouldn't be the real breach.
Automate, simulate, adapt. Learn how → https://thehackernews.com/2025/03/sparring-in-cyber-ring-using-automated.html
👍7🤔3
🚨RedCurl, the Russian-speaking group—long known for espionage—has deployed ransomware for the first time.
👀 Their new strain: QWCrypt
🧠 Tactic: Fake CVs + legit Adobe tools = full system compromise
No leak site. No clear motive. Just chaos.
Details: https://thehackernews.com/2025/03/redcurl-shifts-from-espionage-to.html
👀 Their new strain: QWCrypt
🧠 Tactic: Fake CVs + legit Adobe tools = full system compromise
No leak site. No clear motive. Just chaos.
Details: https://thehackernews.com/2025/03/redcurl-shifts-from-espionage-to.html
🔥14👏3😁3🤔3
👀 Running an unpatched Windows system? You’re a target.
Hackers are exploiting CVE-2025-26633: EncryptHub hijacks Windows MMC with a stealthy .msc file swap via MUIPath, loading malware like Rhadamanthys and StealC through a fake “en-US” folder.
🧪 Trend Micro calls it "MSC EvilTwin."
Read: https://thehackernews.com/2025/03/encrypthub-exploits-windows-zero-day-to.html
Patch now. Share widely.
Hackers are exploiting CVE-2025-26633: EncryptHub hijacks Windows MMC with a stealthy .msc file swap via MUIPath, loading malware like Rhadamanthys and StealC through a fake “en-US” folder.
🧪 Trend Micro calls it "MSC EvilTwin."
Read: https://thehackernews.com/2025/03/encrypthub-exploits-windows-zero-day-to.html
Patch now. Share widely.
🔥9👍3⚡2🤔1
Catch Cloud Threats Before They Catch You!
Contain emerging threats in real time - before they impact your business. Learn how cloud detection and response (CDR) gives security teams the edge they need in this practical, no-nonsense guide.
Download now → https://thn.news/cloud-detection-dummies-2
Contain emerging threats in real time - before they impact your business. Learn how cloud detection and response (CDR) gives security teams the edge they need in this practical, no-nonsense guide.
Download now → https://thn.news/cloud-detection-dummies-2
👍9👏2
🚨 New Chinese cyber attack spotted.
FamousSparrow breached a U.S. trade group + Mexican institute using new, modular malware: SparrowDoor + ShadowPad (first use).
▶️ Targets ran outdated Exchange + Windows Server. ▶️ Backdoor includes spying, keylogging, screenshots, file theft.
📰 Full story → https://thehackernews.com/2025/03/new-sparrowdoor-backdoor-variants-found.html
FamousSparrow breached a U.S. trade group + Mexican institute using new, modular malware: SparrowDoor + ShadowPad (first use).
▶️ Targets ran outdated Exchange + Windows Server. ▶️ Backdoor includes spying, keylogging, screenshots, file theft.
📰 Full story → https://thehackernews.com/2025/03/new-sparrowdoor-backdoor-variants-found.html
🔥20😱5👍3👏3🤔3😁1
🚨 One click from insider to admin?
A critical flaw in NetApp SnapCenter (CVE-2025-26512, CVSS 9.9) lets authenticated users escalate privileges to full admin—on remote systems.
SnapCenter powers enterprise backups—this isn’t niche, it’s everywhere.
🔗Read: https://thehackernews.com/2025/03/netapp-snapcenter-flaw-could-let-users.html
A critical flaw in NetApp SnapCenter (CVE-2025-26512, CVSS 9.9) lets authenticated users escalate privileges to full admin—on remote systems.
SnapCenter powers enterprise backups—this isn’t niche, it’s everywhere.
🔗Read: https://thehackernews.com/2025/03/netapp-snapcenter-flaw-could-let-users.html
🤔8👍3😁1
👀 6-year-old bugs are back—and being weaponized.
CISA just flagged two 2019 Sitecore RCE flaws (CVE-2019-9874 & 9875) as actively exploited.
But it doesn’t stop there:
➡️ Next.js auth bypass (CVE-2025-29927) is under live attack
➡️ DrayTek routers face fresh waves targeting old RCE/LFI bugs.
🔗 Details: https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html
Old CVEs. New exploits. Patch now.
CISA just flagged two 2019 Sitecore RCE flaws (CVE-2019-9874 & 9875) as actively exploited.
But it doesn’t stop there:
➡️ Next.js auth bypass (CVE-2025-29927) is under live attack
➡️ DrayTek routers face fresh waves targeting old RCE/LFI bugs.
🔗 Details: https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html
Old CVEs. New exploits. Patch now.
🔥13👍4🤯3