🚨 Hackers are exploiting free software trials to hijack executive systems in Brazil.

Using fake invoices and Dropbox links, they’re slipping past defenses—and it’s working.

The twist? They’re not using malware. They’re using legit IT tools.

Learn more → https://thehackernews.com/2025/05/initial-access-brokers-target-brazil.html

🛑 Hacker Caught Mid-Interview—Live on Zoom!

North Korean attackers are posing as job applicants using fake resumes, AI tools, and stealth malware to breach companies. Some have slipped through.

OtterCookie v4 reveals just how deep the campaign goes—stealing credentials, crypto wallets, even iCloud Keychain data.

🔗 See the full story → https://thehackernews.com/2025/05/ottercookie-v4-adds-vm-detection-and.html

🔥 BREAKING: $46M cybercrime empire busted.

FBI & Dutch forces take down a botnet run on hacked home routers—active since 2004.

Used by criminals to stay anonymous.

You might be part of it... and not even know.

🔗 Read what they uncovered: https://thehackernews.com/2025/05/breaking-7000-device-proxy-botnet-using.html

🚨 $1.9 BILLION Crypto Swap Site Seized!

Germany’s BKA has shut down eXch[.]cx, a crypto exchange used by North Korean hackers & darknet actors.

🔍 €34M in crypto seized
📁 8 TB of data confiscated
🌐 Ran on clearnet + dark web

Read full story ➝ https://thehackernews.com/2025/05/germany-shuts-down-exch-over-19b.html

👀 They tracked your face, your steps—even your searches in "Incognito."

Now, Google will pay Texas $1.375 BILLION to settle one of the largest privacy lawsuits in U.S. history.

And nearly equal to Meta’s record fine.

🔗 See the full story → https://thehackernews.com/2025/05/google-pays-1375-billion-to-texas-over.html

🚨 AI Tools or Trojan Horses?

Cybercriminals are hijacking the AI hype—luring users with fake video-editing platforms to drop stealthy malware.

👀 One viral Facebook post hit 62,000+ views
💥 Looks like “CapCut AI.” Acts like a stealer.
🎭 And the dev? Proudly calls himself a Malware Developer from Vietnam.

🔗 Read details here: https://thehackernews.com/2025/05/fake-ai-tools-used-to-spread.html

🔓 Thousands of leaked secrets are still valid—years later.

GitGuardian’s 2025 report reveals a growing crisis: exposed cloud & DB credentials in public repos aren’t being revoked. Not even after discovery.

The problem? Detection ≠ protection.
Why are orgs ignoring this risk? What’s keeping secrets live in production?

👀 The answers are alarming. Read the full report: https://thehackernews.com/2025/05/the-persistence-problem-why-exposed.html

💣 No phishing. No pop-ups. Just silent backdoors inside tools you already trust.

IoT botnets, spyware rulings, and supply chain threats made headlines this week.

⚡ Read the recap CISOs are watching: https://thehackernews.com/2025/05/weekly-recap-zero-day-exploits.html

🚨 One Click. Full Control.

Two critical flaws (CVE-2025-3462 & CVE-2025-3463) in ASUS DriverHub exposed users to remote code execution—just by clicking a malicious link.

Patch released on May 9—but have you updated yet?

🔗 Read the full details → https://thehackernews.com/2025/05/asus-patches-driverhub-rce-flaws.html

🔥 Zero Trust is the hottest buzzword in security—
But most teams are still getting it wrong.

Why?
Because you can’t protect what you can’t see.
And you can’t manage what your tools can’t reach.

🎤 Join John Kindervag (yes, the creator of Zero Trust) for a live session on what’s actually working—and where most teams fall short.

✅ Where to start—without ripping your stack
⚠️ Common pitfalls
🚫 Secure what your identity tools miss

📅 May 22 | 10 AM PT
🔗 Register here: https://thn.news/zero-trust-practice

🚨 A zero-day exploit, a chat app, and a silent cyberwar.

A Türkiye-linked hacker group Marbled Dust exploited CVE-2025-27920 in India's Output Messenger—targeting Kurdish military users in Iraq via a stealthy backdoor.

Read details ➡️ https://thehackernews.com/2025/05/turkiye-hackers-exploited-output.html

👀 Busted.

A 45-year-old man has been arrested in Moldova for a €4.5M DoppelPaymer ransomware attack on Dutch institutions—including the Netherlands' top science agency (NWO) in 2021.

Read the full story ➝ https://thehackernews.com/2025/05/moldovan-police-arrest-suspect-in-45m.html

🛑 One breach at Tier 0… and it’s game over.

Active Directory runs in 90% of Fortune 1000. That’s why it’s the #1 target.

Microsoft's fix:
🔐 Tier 0 = Control Plane (AD, domain controllers, identity tools)
✅ Just-in-Time access
🚫 No standing admin privileges
🧱 Isolate it from lower tiers

One breach here = full network compromise.

🔗 Learn how to secure it right: https://thehackernews.com/expert-insights/2025/05/securing-tier-0-history-of-escalating.html

🚨 The person you're speaking to on Zoom might be AI.

Voice phishing surged 442% in 2024. Deepfakes now impersonate CEOs, job candidates—even your coworkers.

🔐 Detection isn’t enough. Trust must be proven—cryptographically.

👀 See how (demo) → https://thehackernews.com/2025/05/deepfake-defense-in-age-of-ai.html

🚨 North Korea’s Konni APT is targeting Ukraine.

Phishing, fake think tanks, malware-laced files—this isn’t your usual intel op.

The goal? Not battlefield data—but something far more strategic.

🔗 Full story → https://thehackernews.com/2025/05/north-korean-konni-apt-targets-ukraine.html

🚨 Crypto devs, beware!

A fake solana-token package on PyPI was caught stealing source code and secrets from developer machines — disguised as a legit blockchain tool.

— 761 installs before takedown
— Audit every dependency

Read: https://thehackernews.com/2025/05/malicious-pypi-package-posing-as-solana.html

🚨 581 SAP servers BREACHED.

China-linked APTs are exploiting CVE-2025-31324 to backdoor critical infrastructure—gas, water, and gov sectors across the 🇺🇸 🇬🇧 🇸🇦

3 active hacking groups, persistent access.

🔗 Details here: https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html

🚨 Another Ivanti exploit ALERT!

Attackers are chaining two new flaws (CVE-2025-4427, 4428) for remote code execution on vulnerable EPMM versions.

— Risk: Auth bypass ➕ RCE
— Exploited: Yes (limited cases)

⚠️ Act fast—patch now / read more: https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html

🚨 Critical Fortinet 0-Day Exploited in Attacks!

Hackers are hitting FortiVoice systems in the wild—logging creds, wiping crash logs, scanning networks.

CVE-2025-32756 (CVSS 9.6) affects:
—FortiVoice, FortiMail, FortiNDR
—FortiRecorder, FortiCamera

Exploitable without login via crafted HTTP requests.

🔗 Details: https://thehackernews.com/2025/05/fortinet-patches-cve-2025-32756-zero.html

🛑 5 Microsoft zero-days exploited in the wild!

One flaw lets attackers hijack full system control—just by visiting a webpage.

◆ 78 flaws fixed — 11 critical
◆ CVE-2025-30397 to 32709 now in CISA’s KEV list
◆ 10.0 CVSS bug in Azure DevOps Server

🔗 Details here: https://thehackernews.com/2025/05/microsoft-fixes-78-flaws-5-zero-days.html

🛡️ Don’t wait. Patch now.

🚨 URGENT UPDATE: Another SAP flaw under active exploitation!

CVE-2025-42999 (CVSS 9.1) is now confirmed actively exploited — allows attackers to execute commands via insecure deserialization in NetWeaver.

🛠 Patch now: SAP Note 3604119

Read: https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html