🛑 CRITICAL ALERT → U.S. funding for MITRE’s CVE vulnerability database program ends Wednesday.

MITRE warns: no funding = no new CVEs, degraded threat advisories, and slower incident response.

🛠️ CVEs power security tools, alerts, and patching across critical infrastructure.

🔍 Without it, defenders lose a key part of their playbook.

🔗 Full story → https://thehackernews.com/2025/04/us-govt-funding-for-mitres-cve-ends.html

🚨 New Android Phones, Pre-Loaded with Malware?!

Since June 2024, cheap Androids from Chinese brands like SHOWJI come with trojanized WhatsApp/Telegram apps out of the box.

📱 Fake models: “S24 Ultra”, “Note 13 Pro”, etc.
💸 Malware replaces your crypto wallet address in chats
🧠 Scans your images for mnemonic phrases
💰 Hackers netted $1.6M+ via 40+ infected apps & 60+ C2 servers

🔗 Check the list & protect your crypto → https://thehackernews.com/2025/04/chinese-android-phones-shipped-with.html

🚨 BPFDoor is back—with a stealthy new controller in play.

A fresh wave of BPFDoor attacks has hit telecom, finance & retail sectors in 🇰🇷🇲🇾🇭🇰🇲🇲🇪🇬 — using a stealth controller that opens reverse shells & moves laterally inside Linux networks.

🔗 Read → https://thehackernews.com/2025/04/new-bpfdoor-controller-enables-stealthy.html

⚠️ Why hack in… when you can just log in?

80% of breaches stem from SaaS identity misconfigurations.

One compromised account can trigger a chain: Entra ID takeover → GitHub exfiltration → Slack leaks

Wing Security gives full SaaS visibility—no agents, no blind spots.

✅ Identity & app mapping
✅ Real-time threat detection
✅ Full attack timeline

🔍 See how it works: https://thehackernews.com/2025/04/product-walkthrough-look-inside-wing.html

⚠️ Hackers are abusing AI tool Gamma to craft fake presentations that lead you to spoofed Microsoft SharePoint logins—and even fake CAPTCHA pages to dodge security scans.

🔗Details: https://thehackernews.com/2025/04/ai-powered-gamma-used-to-host-microsoft.html

🚨 Supply chain cyberattacks are exploding — and hitting where it hurts most: healthcare, retail, energy.

🦠 One breach = millions exposed.

The risk? Vendors are the backdoor. Hackers are walking right in.

Learn what’s driving this wave and how to stay ahead: https://thehackernews.com/2025/04/from-third-party-vendors-to-us-tariffs.html

👇 Google blocked 5.1B bad ads and banned 39.2M advertiser accounts in 2024.

AI flagged scams, deepfakes, and fraud at scale—700K accounts suspended for impersonating public figures alone.

🔒 5.1B bad ads blocked
🔍 9.1B restricted
🚫 1.3B pages hit
👤 5M+ scam accounts suspended
🤖 AI flagged 700K deepfake scams

🔗 Full story: https://thehackernews.com/2025/04/google-blocked-51b-harmful-ads-and.html

Over 50% of vulnerabilities are exploited within 7 days of discovery.

Learn how to reduce MTTR and secure your apps with insights from ActiveState's 2025 State of Vulnerability Management & Remediation Report.

🛡️ Stay ahead of threats—download now! https://thn.news/vulnerability-management-2025

#DevSecOps #OpenSource

🔐🌍 UPDATE — CISA extends funding to prevent a shutdown of the CVE Program.

A new CVE Foundation is also launched to ensure global, independent oversight—just as ENISA rolls out the EU Vulnerability Database.

Read: https://thehackernews.com/2025/04/us-govt-funding-for-mitres-cve-ends.html#update-cisa-extends-cve-program-contract-amid-funding-crisis

🔥 One task away from total takeover?

4 local privilege escalation flaws found in schtasks.exe—a core part of Windows Task Scheduler.

Attackers can:
• Bypass UAC
• Run SYSTEM-level commands
• Erase security logs
• Impersonate admins using known passwords.

Fix not yet available.

🔗 Full story → https://thehackernews.com/2025/04/experts-uncover-four-new-privilege.html

🚨 Targeted iPhone attacks in the wild.

Apple just patched 2 new zero-days—bringing 2025’s total to 5 actively exploited flaws.

→ One lets hackers run code via malicious audio files
→ Another bypasses Pointer Authentication using memory tricks

🔗 Details here: https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html

Update now: iOS 18.4.1, macOS Sequoia 15.4.1, tvOS, visionOS

🚨 Actively Exploited SonicWall Flaw Hits CISA’s KEV List.

Remote attackers can execute code via SMA 100 Series bug (CVE-2021-20035, CVSS 7.2).

➡️ Injects OS commands as ‘nobody’ user
➡️ Impacts SMA 200–500v on outdated firmware
➡️ FCEB agencies must patch by May 7, 2025

Your VPN gateway could be the backdoor. Patch it

Learn more: https://thehackernews.com/2025/04/cisa-flags-actively-exploited.html

🚨 Microsoft Alert: Node.js-Powered Malware Campaign Ongoing...

Since Oct 2024, fake Binance & TradingView installers have been used to deploy malware via Node.js and PowerShell.

Linked threats include ClickFix tricks, SectopRAT malware, fake PDF tools, and HR-themed phishing kits.

Learn more: https://thehackernews.com/2025/04/nodejs-malware-campaign-targets-crypto.html

🚨 CVSS 10.0 ALERT: Remote Code Execution in Erlang/OTP SSH (CVE-2025-32433)

No auth. Full control. Widespread impact.

Used in Cisco, Ericsson, OT/IoT, and edge systems, this bug lets attackers run code without logging in.

If SSH runs as root? Game over. 👀

🔗 Full details → https://thehackernews.com/2025/04/critical-erlangotp-ssh-vulnerability.html

🔥 Fix now → OTP-27.3.3 / 26.2.5.11 / 25.3.2.20 Block SSH ports as temp fix.

🔥 Blockchain won’t kill passwords yet—but it may change how we authenticate.

Decentralized IDs + cryptographic keys = fewer breaches, no central targets.

Used in finance (KYC) & healthcare (patient data), it’s real—and growing.

But until blockchain scales, passwords stay. Just make them strong.

➡️ Learn more: https://thehackernews.com/2025/04/blockchain-offers-security-benefits-but.html

🚨 Copy. Paste. Get hacked.

North Korea, Iran & Russia are now pushing ClickFix—a sneaky trick that fools users into running malware on their own devices.

Learn more → https://thehackernews.com/2025/04/state-sponsored-hackers-weaponize.html

🚨 AI isn’t just coding faster—it’s rewriting the rulebook.

LLMs have entered the threat landscape. From spear-phishing and voice fraud to malware with OCR, attackers are now using AI to scale, blend, and evolve.

Defenders use AI too—but GenAI interfaces expose a new attack surface.

🔗 Full deep dive in Security Navigator 2025: https://thehackernews.com/2025/04/artificial-intelligence-whats-all-fuss.html

🚨 China-backed hackers are deploying TONESHELL v3, StarProxy, and stealth tools like SplatCloak to breach Myanmar targets—dodging EDR, logging keystrokes, and hopping across networks with FakeTLS tricks.

• 3 TONESHELL variants
• 2 new keyloggers (PAKLOG, CorKLOG)
• StarProxy – a lateral movement proxy over FakeTLS
• SplatCloak – a Windows kernel-level EDR evasion driver

Details here 👉 https://thehackernews.com/2025/04/mustang-panda-targets-myanmar-with.html

🚨 New NTLM flaw (CVE-2025-24054) is being actively exploited to steal Windows credentials—just by downloading a file. No clicks, no execution needed.

This "low-interaction" bug leaks NTLMv2 hashes via SMB—perfect for pass-the-hash attacks.

🔗 Details here: https://thehackernews.com/2025/04/cve-2025-24054-under-active.html

🚨 New XorDDoS Variant Targets U.S. Servers!

The malware is now hijacking Docker and Linux systems via SSH brute-force attacks.

A new “VIP” controller spotted in 2024 suggests it’s being sold as a service, expanding botnet operations.

Full story → https://thehackernews.com/2025/04/experts-uncover-new-xorddos-controller.html

AI is already in your SaaS. The real question: Do you know where—or how risky it is?

Employees are using ChatGPT, bots, and AI tools without security oversight. Shadow AI is real—and your old playbook won’t catch it.

🔥 WEBINAR — Join AI security expert and learn:
📌 Real breach cases
⚙️ Detection strategies that actually work
🚨 What to do before your next silent breach

Join the webinar → https://thehackernews.com/2025/04/webinar-ai-is-already-inside-your-saas.html