🚨 Alert — A 9.0 CVSS flaw in Gladinet’s CentreStack also affects Triofox—both used for remote access.

Attackers exploited it as a zero-day in March, hitting 7 orgs by April 11.

🔑 Root cause: Hardcoded crypto keys → enabled RCE via PowerShell + DLL sideloading

🔗 Read: https://thehackernews.com/2025/04/gladinets-triofox-and-centrestack-under.html

🚨 Hired by Hackers?

Devs on LinkedIn targeted in stealth malware attacks disguised as job offers.

Slow Pisces, linked to North Korea’s Bybit hack (Feb 2025), is now luring coders with fake challenges to drop RN Stealer—a macOS info-stealer pulling iCloud, SSH, and cloud config files.

➡️ Learn how it works: https://thehackernews.com/2025/04/crypto-developers-targeted-by-python.html

🚨 Apache Roller Hit by 10.0 CVSS Flaw!

Old sessions stay active even after a password change (CVE-2025-24859). Hackers can keep access silently.

All versions ≤6.1.4 affected.

👉 Full details: https://thehackernews.com/2025/04/critical-apache-roller-vulnerability.html

🔒 Fixed in v6.1.5. Patch now.

🚨 Your biggest enterprise risk might be hiding in plain sight — THE BROWSER EXTENSIONS.

👀 99% of employees use them
👀 53% access sensitive data
👀 54% have unknown publishers

🔥 Your entire org could be one extension away from compromise.

🔗 Act now → Audit, assess, and lock down. Learn how: https://thehackernews.com/2025/04/majority-of-browser-extensions-can.html

Sophisticated phishing attacks are now routinely bypassing MFA, SSO, and multiple security layers across email, network, and endpoints.

Join the latest webinar from Push Security to learn why phishing attacks are more attractive than ever for attackers in 2025 — and what you can do to stop it.

Register here 👉 https://thn.news/phishing-webinar-it

⚠️ UNC5174 (aka Uteus), tied to China, is quietly breaching Linux & macOS systems using SNOWLIGHT malware + a fake Cloudflare app (VShell).

🔍 Targets: 20+ nations | Sectors: Gov, finance, defense
🛠 Tactics: Open-source tools, fileless payloads, fake authenticator apps
👀 Risk: Remote control, in-memory attacks, hard-to-trace

🔗 Full details: https://thehackernews.com/2025/04/chinese-hackers-target-linux-systems.html

"Your firewall won’t save you."

Hackers are using ChatGPT to craft phishing lures & scan attack surfaces.

Meanwhile, most orgs still cling to VPNs & 30-year-old security models.

🔥 Zero Trust + AI isn’t hype — it’s survival.

Don’t fall behind: https://thehackernews.com/expert-insights/2025/04/rethinking-cyber-defense-with-zero.html

🛑 CRITICAL ALERT → U.S. funding for MITRE’s CVE vulnerability database program ends Wednesday.

MITRE warns: no funding = no new CVEs, degraded threat advisories, and slower incident response.

🛠️ CVEs power security tools, alerts, and patching across critical infrastructure.

🔍 Without it, defenders lose a key part of their playbook.

🔗 Full story → https://thehackernews.com/2025/04/us-govt-funding-for-mitres-cve-ends.html

🚨 New Android Phones, Pre-Loaded with Malware?!

Since June 2024, cheap Androids from Chinese brands like SHOWJI come with trojanized WhatsApp/Telegram apps out of the box.

📱 Fake models: “S24 Ultra”, “Note 13 Pro”, etc.
💸 Malware replaces your crypto wallet address in chats
🧠 Scans your images for mnemonic phrases
💰 Hackers netted $1.6M+ via 40+ infected apps & 60+ C2 servers

🔗 Check the list & protect your crypto → https://thehackernews.com/2025/04/chinese-android-phones-shipped-with.html

🚨 BPFDoor is back—with a stealthy new controller in play.

A fresh wave of BPFDoor attacks has hit telecom, finance & retail sectors in 🇰🇷🇲🇾🇭🇰🇲🇲🇪🇬 — using a stealth controller that opens reverse shells & moves laterally inside Linux networks.

🔗 Read → https://thehackernews.com/2025/04/new-bpfdoor-controller-enables-stealthy.html

⚠️ Why hack in… when you can just log in?

80% of breaches stem from SaaS identity misconfigurations.

One compromised account can trigger a chain: Entra ID takeover → GitHub exfiltration → Slack leaks

Wing Security gives full SaaS visibility—no agents, no blind spots.

✅ Identity & app mapping
✅ Real-time threat detection
✅ Full attack timeline

🔍 See how it works: https://thehackernews.com/2025/04/product-walkthrough-look-inside-wing.html

⚠️ Hackers are abusing AI tool Gamma to craft fake presentations that lead you to spoofed Microsoft SharePoint logins—and even fake CAPTCHA pages to dodge security scans.

🔗Details: https://thehackernews.com/2025/04/ai-powered-gamma-used-to-host-microsoft.html

🚨 Supply chain cyberattacks are exploding — and hitting where it hurts most: healthcare, retail, energy.

🦠 One breach = millions exposed.

The risk? Vendors are the backdoor. Hackers are walking right in.

Learn what’s driving this wave and how to stay ahead: https://thehackernews.com/2025/04/from-third-party-vendors-to-us-tariffs.html

👇 Google blocked 5.1B bad ads and banned 39.2M advertiser accounts in 2024.

AI flagged scams, deepfakes, and fraud at scale—700K accounts suspended for impersonating public figures alone.

🔒 5.1B bad ads blocked
🔍 9.1B restricted
🚫 1.3B pages hit
👤 5M+ scam accounts suspended
🤖 AI flagged 700K deepfake scams

🔗 Full story: https://thehackernews.com/2025/04/google-blocked-51b-harmful-ads-and.html

Over 50% of vulnerabilities are exploited within 7 days of discovery.

Learn how to reduce MTTR and secure your apps with insights from ActiveState's 2025 State of Vulnerability Management & Remediation Report.

🛡️ Stay ahead of threats—download now! https://thn.news/vulnerability-management-2025

#DevSecOps #OpenSource

🔐🌍 UPDATE — CISA extends funding to prevent a shutdown of the CVE Program.

A new CVE Foundation is also launched to ensure global, independent oversight—just as ENISA rolls out the EU Vulnerability Database.

Read: https://thehackernews.com/2025/04/us-govt-funding-for-mitres-cve-ends.html#update-cisa-extends-cve-program-contract-amid-funding-crisis

🔥 One task away from total takeover?

4 local privilege escalation flaws found in schtasks.exe—a core part of Windows Task Scheduler.

Attackers can:
• Bypass UAC
• Run SYSTEM-level commands
• Erase security logs
• Impersonate admins using known passwords.

Fix not yet available.

🔗 Full story → https://thehackernews.com/2025/04/experts-uncover-four-new-privilege.html

🚨 Targeted iPhone attacks in the wild.

Apple just patched 2 new zero-days—bringing 2025’s total to 5 actively exploited flaws.

→ One lets hackers run code via malicious audio files
→ Another bypasses Pointer Authentication using memory tricks

🔗 Details here: https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html

Update now: iOS 18.4.1, macOS Sequoia 15.4.1, tvOS, visionOS

🚨 Actively Exploited SonicWall Flaw Hits CISA’s KEV List.

Remote attackers can execute code via SMA 100 Series bug (CVE-2021-20035, CVSS 7.2).

➡️ Injects OS commands as ‘nobody’ user
➡️ Impacts SMA 200–500v on outdated firmware
➡️ FCEB agencies must patch by May 7, 2025

Your VPN gateway could be the backdoor. Patch it

Learn more: https://thehackernews.com/2025/04/cisa-flags-actively-exploited.html

🚨 Microsoft Alert: Node.js-Powered Malware Campaign Ongoing...

Since Oct 2024, fake Binance & TradingView installers have been used to deploy malware via Node.js and PowerShell.

Linked threats include ClickFix tricks, SectopRAT malware, fake PDF tools, and HR-themed phishing kits.

Learn more: https://thehackernews.com/2025/04/nodejs-malware-campaign-targets-crypto.html

🚨 CVSS 10.0 ALERT: Remote Code Execution in Erlang/OTP SSH (CVE-2025-32433)

No auth. Full control. Widespread impact.

Used in Cisco, Ericsson, OT/IoT, and edge systems, this bug lets attackers run code without logging in.

If SSH runs as root? Game over. 👀

🔗 Full details → https://thehackernews.com/2025/04/critical-erlangotp-ssh-vulnerability.html

🔥 Fix now → OTP-27.3.3 / 26.2.5.11 / 25.3.2.20 Block SSH ports as temp fix.