🔥 Google Chrome just got SMARTER!!!
It now auto-changes compromised passwords—in one click.
🔐 Detects hacked passwords
🤖 Auto-generates a strong password
⚡ Instantly updates them
See it in action: https://thehackernews.com/2025/05/google-chrome-can-now-auto-change.html
“SaaS is quietly breaking everything we knew about security.” — JPMorgan’s CISO just sounded the alarm.
From invisible AI agents to risky OAuth tokens, the stakes are rising fast.
👉 4th-party risk is exploding
👉 Non-human identities outnumber users
👉 Admin backdoors + invisible AI agents
👀 What now? Read the analysis → https://thehackernews.com/expert-insights/2025/05/jpmorgan-ciso-spotlights-saas-security.html
🚨 Mobile users, beware.
PWAs Weaponized in Adult-Content Scam.
Hackers are using full Progressive Web Apps (PWAs) to launch a redirection attack—targeting only Android & iOS users while bypassing desktops entirely.
Learn more ➤ https://thehackernews.com/2025/05/researchers-expose-pwa-javascript.html
🚨 One email = FULL BREACH.
Phishing kits like Tycoon2FA bypass filters, trick users & steal creds in seconds.
⚡ See every click, every redirect, every fake login—live—inside this sandbox. Verdicts in <40 seconds. IOC-rich reports.
🔗 Learn how → https://thehackernews.com/2025/05/how-to-detect-phishing-attacks-faster.html
👀 WATCH OUT — If it’s trending, it’s bait.
Cybercriminals are hijacking Facebook ads to impersonate Kling AI—tricking users into downloading malware via fake image generators.
Crypto wallets. Remote access. 70+ spoofed pages.
🔗 Details → https://thehackernews.com/2025/05/fake-kling-ai-facebook-ads-deliver-rat.html
🚨 CI/CD pipelines move fast—but security often lags behind.
Misconfigs, weak containers, and unchecked code can open real attack paths.
Wazuh spots what others miss—and stops it cold.
🔍 See the risks + how to fix them → https://thehackernews.com/2025/05/securing-cicd-workflows-with-wazuh.html
🚨 From Inbox to Full Compromise:
Hackers are hitting Russian businesses with phishing emails disguised as docs, delivering PureRAT malware for full-system access, password theft & crypto hijacking.
🎯 Attacks have quadrupled in early 2025.
🔗 Details: https://thehackernews.com/2025/05/purerat-malware-spikes-4x-in-2025.html
⚠️ Russia’s cyber war isn’t just on the battlefield—it’s hitting inboxes across the West.
APT28 (Fancy Bear) is targeting logistics, defense & IT firms in 14 countries to track aid to Ukraine.
Outlook, Roundcube, VPNs—even border cameras compromised.
🔗 Learn more: https://thehackernews.com/2025/05/russian-hackers-exploit-email-and-vpn.html
🔥 Biggest Info-Stealer Takedown of 2025!
🚨 2,300+ domains seized | 10M+ infections cut off.
Lumma Stealer—the world’s top info-stealer—just got dismantled by a global strike led by Microsoft, FBI, and Europol.
🔗 Read this story → https://thehackernews.com/2025/05/fbi-and-europol-disrupt-lumma-stealer.html
Most companies think their identity security is under control—It’s not.
🚨 <4% have fully automated ID workflows
🔑 89% depend on users to manually enable MFA
📉 52% faced breaches from manual ID tasks
Read latest 2025 report → https://thehackernews.com/2025/05/identity-security-has-automation.html
🚨 3 Critical Flaws. 1 Exploit Chain. No Fix.
Versa Concerto's SD-WAN platform has 3 severe CVEs—one rated 10.0—that can let attackers bypass auth, escalate privileges & gain full system control via reverse shell.
🔗 Read this story → https://thehackernews.com/2025/05/unpatched-versa-concerto-flaws-let.html
🚨 China-linked UNC5221 hackers exploited Ivanti EPMM zero-days (CVE-2025-4427 & 4428) immediately after disclosure, targeting mobile endpoints in defense, healthcare, and finance sectors.
Full report → https://thehackernews.com/2025/05/chinese-hackers-exploit-ivanti-epmm.html
⚡ Webinar ALERT!
Cybersecurity isn't enough—you must prove it.
Courts, regulators, and insurers demand "reasonable" programs, and vague efforts won't suffice. Learn what this means and how to comply.
📅 Register for this free session now → https://thehackernews.com/2025/05/webinar-learn-how-to-build-reasonable.html
🛑 WARNING — Any user to Domain Admin?
Akamai researchers demoed BadSuccessor, an attack abusing the new dMSA feature—enabled by default—to escalate privileges in Active Directory.
✅ Works in 91% of orgs.
❌ No patch yet
Details here → https://thehackernews.com/2025/05/critical-windows-server-2025-dmsa.html
⚠️ A Chinese-speaking threat actor quietly breached U.S. local gov systems via a critical flaw in Cityworks.
They didn’t just break in—they stayed—deploying Cobalt Strike & VShell via Rust-based TetraLoader.
Full report → https://thehackernews.com/2025/05/chinese-hackers-exploit-trimble.html
💥 Hidden code. Stolen secrets. Weaponized AI.
GitLab’s AI assistant Duo was vulnerable to indirect prompt injection—letting attackers quietly steal source code, embed malicious links, and exfiltrate zero-days.
Learn more: https://thehackernews.com/2025/05/gitlab-duo-vulnerability-enabled.html
🚨 New CISA Alert: Hackers exploited CVE-2025-3928 in Commvault’s Metallic SaaS, compromising M365 credentials.
This isn’t an isolated case—it’s part of a broader campaign targeting SaaS apps with default configs and excessive permissions.
🔍 Details: https://thehackernews.com/2025/05/cisa-warns-of-suspected-broader-saas.html
🔥 The DoJ has dismantled DanaBot—a Russian-controlled malware that infected 300K+ devices and caused $50M+ in global losses.
16 charged. Servers seized.
Some hackers unmasked after accidentally infecting themselves.
Read more: https://thehackernews.com/2025/05/us-dismantles-danabot-malware-network.html
🔥 Europol just dropped the hammer: 300 servers taken down, €3.5M in crypto seized, and 20 international arrest warrants issued—key QakBot and TrickBot operatives named.
At the same time, Operation RapTor arrested 270 dark web vendors across 10 countries, seizing €184M in cash and crypto, 2 tons of drugs, and 180 firearms.
🔗 Learn more → https://thehackernews.com/2025/05/300-servers-and-35m-seized-as-europol.html
🛡️ 99.45% detection. 0.07% false positives.
SafeLine is now the top open-source WAF on GitHub (16.4K+ ⭐) — built for teams needing full control, zero-day defense, and advanced bot protection.
👉 See why it’s outpacing cloud WAFs → https://thehackernews.com/2025/05/safeline-waf-open-source-web.html
🚨 5,300 routers hijacked—not to attack, but to spy.
A shadowy group dubbed ViciousTrap is turning Cisco routers across 84 countries into a massive honeypot-style network—not to attack, but to silently watch.
🔍 Exploiting CVE-2023-20118
👻 Dropping a script called NetGhost
Read: https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html