⚠️ Hold your phone near your card... and they drain your bank account.

A new Android malware-as-a-service, SuperCard X, is targeting Italians with NFC relay attacks—letting cybercriminals remotely steal card data and pull off ATM & PoS fraud.

👉 Learn how it works: https://thehackernews.com/2025/04/supercard-x-android-malware-enables.html

Google’s now working on a new Android update to block risky app installs. But until then—stay sharp. Think before tapping.

🚨 Your MDM isn’t enough. Most breaches start with a device you can’t see.

Unmanaged laptops, outdated personal phones, misconfigured tools—attackers love them.
MDM/EDR miss the mark.

Device Trust closes the gap.

👀 See how: https://thehackernews.com/2025/04/5-reasons-device-management-isnt-device.html

🕵️‍♂️ Kimsuky is back—and digging deep.

A new Larva-24005 campaign is exploiting old RDP bugs (BlueKeep, CVE-2019-0708) to breach systems in South Korea, Japan & beyond—with targets across energy, finance & tech.

Learn more: https://thehackernews.com/2025/04/kimsuky-exploits-bluekeep-rdp.html

💣 Lotus Panda, a China-linked APT, breached key sectors across Southeast Asia—govt, telecom, air traffic—from Aug 2024 to Feb 2025.

New tools. Stolen Chrome data. Hijacked legit software.

Read full report 👉 https://thehackernews.com/2025/04/lotus-panda-hacks-se-asian-governments.html

⚠️ AI is Supercharging DDoS Attacks.

Hackers now use AI to launch smarter, harder-to-stop DDoS attacks. Most defenses fail because they’re poorly set up — not because they’re weak.

🔗 Free DDoS Threat Check → https://thehackernews.com/expert-insights/2025/04/how-ai-and-iot-are-supercharging-ddos.html

🔥 Microsoft boosts security after major China-backed breach.

—MSA sign-ins moved to Azure confidential VMs

—92% of staff now use phishing-resistant MFA

—81% of code branches protected with proof-of-presence

—New Quick Machine Recovery auto-fixes Windows boot failures

See details: https://thehackernews.com/2025/04/microsoft-secures-msa-signing-with.html

🚨 Signed by Google. Hosted by Google. Hijacked by Hackers.

👀 Hackers sent real emails from [email protected] — fully verified, signed, no warnings. Victims handed over passwords, believing it was legit.

✔️ Real Google email
✔️ Fake login on Google Sites
✔️ Passed DKIM, SPF, DMARC

🔗 Full story: https://thehackernews.com/2025/04/phishers-exploit-google-sites-and-dkim.html

Each user is unique. Their security should be too.

Join Bitdefender on April 23 for the LIVE launch of GravityZone PHASR — a breakthrough in reducing employee attack surfaces by up to 95%.

🔒 Adaptive, user-focused protection
🎥 Live demo + expert insights

📅 Secure your spot here: https://thn.news/gravityzone-bitdefender-x

🛑 Privilege Escalation in Google Cloud!

A serious bug in Cloud Composer (GCP) let attackers with edit access take control of key services like Cloud Storage and Artifact Registry by uploading malicious code.

🔗 Read this story here: https://thehackernews.com/2025/04/gcp-cloud-composer-bug-let-attackers.html

👀 Browsers are the new battleground. 70% of modern malware starts here, yet most organizations overlook it.

AI tools, phishing, shadow IT, and risky extensions hide in plain sight.

Legacy security is inadequate. Monitor where work happens—the browser.

👉 Explore new risks. Read: https://thehackernews.com/2025/04/5-major-concerns-with-employees-using.html

🛑 New Malware Targets Docker — but it’s not about crypto mining anymore.

Hackers are hijacking Docker to run fake nodes on a Web3 network called Teneo. Instead of mining, they farm TENEO tokens by sending fake heartbeat signals.

🔹 325+ downloads from Docker Hub

Read more ➝ https://thehackernews.com/2025/04/docker-malware-exploits-teneo-web3-node.html

🔥 Google pulls the plug on third-party cookie prompts in Chrome.

No more new pop-ups — just Incognito upgrades & IP protection by Q3 2025.

While Firefox & Safari banned 3rd-party cookies in 2020, Google stalls—caught between privacy & profit.

Read — https://thehackernews.com/2025/04/google-drops-cookie-prompt-in-chrome.html

🚨 Crypto Devs, Watch Out!

Ripple's xrpl.js library was backdoored to steal private keys! Over 2.9M downloads, 135K devs at risk.

🗓️ Malicious versions: 4.2.1–4.2.4, 2.14.2
🛡️ Safe versions: 4.2.5, 2.14.3
👤 Hacker hijacked a Ripple dev's npm account on April 21, 2025.

🔗 Learn more: https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html

🚨 New Tactics from Russian Hackers!

Since March 2025, Russian threat groups UTA0352 & UTA0355 are targeting Ukraine-linked orgs via Microsoft 365 OAuth abuse.

No fake sites—just official Microsoft URLs, real Signal/WhatsApp invites, and compromised Ukrainian Gov accounts.

🔗 Learn more: https://thehackernews.com/2025/04/russian-hackers-exploit-microsoft-oauth.html

👀 Phishing isn't just an email problem anymore!

2025's #1 breach method? Identity attacks — phishing + stolen creds now top software exploits. MFA? Often bypassed. Detection? Too slow.

Real-time browser-based defense is the future. Stop attacks before passwords are stolen.

Learn more: https://thehackernews.com/2025/04/three-reasons-why-browser-is-best-for.html

⚠️ Target: Russian Military!

Android.Spy.1292.origin spyware steals data via fake Alpine Quest apps.

— Spread via fake Telegram & Rus. app stores
— Steals loc., contacts, files
— Sends data to Telegram bot, runs hidden malware

Doctor Web says it mimics Alpine Quest Pro, widely used in military zones.

Read: https://thehackernews.com/2025/04/android-spyware-disguised-as-alpine.html

👀 Kaspersky found a Windows backdoor in fake ViPNet updates targeting Russian government, finance, and industry.

💼 Dream Job? Or Cyber Trap?

Iranian hackers UNC2428 lured Israelis with fake jobs at defense giant Rafael. Victims downloaded “RafaelConnect.exe” — a trap that secretly installed the MURKYTOUR backdoor, giving attackers full access.

Read now → https://thehackernews.com/2025/04/iran-linked-hackers-target-israel-with.html

DPRK hackers are inside Web3—stealing crypto to fund WMDs.

In 2023, $137M stolen in 1 day via phishing. In 2024, they used deepfakes to win real jobs & extort firms. 12 fake identities at one US firm alone.

Learn more: https://thehackernews.com/2025/04/dprk-hackers-steal-137m-from-tron-users.html

🔒 WhatsApp rolls out Advanced Chat Privacy!

🔸 Blocks chat exports, auto-downloads, & AI use in sensitive convos.
🔸 Still allows screenshots & manual media saves.
🔸 Available now for all users on the latest update.

Update to try it 👉 https://thehackernews.com/2025/04/whatsapp-adds-advanced-chat-privacy-to.html

🔥 Critical Exploit Alert!

A 9.0 CVSS flaw in Commvault Command Center lets hackers run code without logging in.

🎯 Targets versions 11.38.0–11.38.19
💥 Pre-auth SSRF → Remote Code Execution

Learn more about CVE-2025-34028 here: https://thehackernews.com/2025/04/critical-commvault-command-center-flaw.html

👀 133M patient records breached in 2024. Now, hackers target devices that save lives—not just data.

Zero Trust is mandatory. New HIPAA rules demand it.

Main Line Health secured their network with Armis + Elisity—in hours, not months.

🔒 See how microsegmentation protects both patients & systems: https://thehackernews.com/2025/04/automating-zero-trust-in-healthcare.html