🚨 Windows 10 isn’t dead yet.
Microsoft is offering 1 more year of critical security updates—if you:
• Sync to the cloud
• Redeem points
• Or pay $30
But there's a catch: You must sign in with a Microsoft account.
Here’s what’s changing → https://thehackernews.com/2025/06/microsoft-extends-windows-10-security.html
Microsoft is offering 1 more year of critical security updates—if you:
• Sync to the cloud
• Redeem points
• Or pay $30
But there's a catch: You must sign in with a Microsoft account.
Here’s what’s changing → https://thehackernews.com/2025/06/microsoft-extends-windows-10-security.html
🤔25😁21🤯9👍4🔥2
🚨 35 malicious npm packages linked to North Korea's “Contagious Interview” op exposed.
Hackers posed as recruiters, tricking devs into running spyware-laced job assignments. Some malware still live on npm.
The goal? Crypto theft & full device takeover.
Read now → https://thehackernews.com/2025/06/north-korea-linked-supply-chain-attack.html
Hackers posed as recruiters, tricking devs into running spyware-laced job assignments. Some malware still live on npm.
The goal? Crypto theft & full device takeover.
Read now → https://thehackernews.com/2025/06/north-korea-linked-supply-chain-attack.html
😁12👏5🔥2🤯1
🚨 Hackers are abusing trusted tools to fly under the radar.
Fake SonicWall VPN apps are stealing credentials, while ConnectWise installers signed with valid certificates are dropping malware masked as AI tools or Windows updates.
How both attacks work → https://thehackernews.com/2025/06/sonicwall-netextender-trojan-and.html
Fake SonicWall VPN apps are stealing credentials, while ConnectWise installers signed with valid certificates are dropping malware masked as AI tools or Windows updates.
How both attacks work → https://thehackernews.com/2025/06/sonicwall-netextender-trojan-and.html
👍18😁7
🚨 Thousands of passports, IDs & bank statements from Saudi Games 2024 leaked online by pro-Iranian hackers.
They broke into phpMyAdmin, dumped it all on a dark forum—and that’s just the start.
Here’s how this cyberwar is spiraling across borders ↓ https://thehackernews.com/2025/06/pro-iranian-hacktivist-group-leaks.html
They broke into phpMyAdmin, dumped it all on a dark forum—and that’s just the start.
Here’s how this cyberwar is spiraling across borders ↓ https://thehackernews.com/2025/06/pro-iranian-hacktivist-group-leaks.html
😁26🤯7⚡4👏3😱3
🚨 Citrix Bleed 2 is here — CVE-2025-5777 lets attackers hijack sessions without logging in. Just like the 2023 CitrixBleed mess… but worse.
SAP users aren't safe either — input histories stored with weak/no encryption can leak SSNs, bank data.
Read → https://thehackernews.com/2025/06/citrix-bleed-2-flaw-enables-token-theft.html
SAP users aren't safe either — input histories stored with weak/no encryption can leak SSNs, bank data.
Read → https://thehackernews.com/2025/06/citrix-bleed-2-flaw-enables-token-theft.html
👍9🔥5👏5😁2
🚨 Critical Citrix flaw is under active attack.
CVE-2025-6543 (CVSS 9.2) is being exploited in the wild—affecting NetScaler ADC VPN setups.
The catch? Many are still unpatched. And this follows another 9.3-rated bug just weeks ago.
Details + fixes you can’t ignore → https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html
CVE-2025-6543 (CVSS 9.2) is being exploited in the wild—affecting NetScaler ADC VPN setups.
The catch? Many are still unpatched. And this follows another 9.3-rated bug just weeks ago.
Details + fixes you can’t ignore → https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html
👍13
🚨 New research: 9% of Microsoft Entra SaaS apps vulnerable to stealth account takeover via nOAuth.
Just an email + tenant access—no password, no MFA.
No alerts. No fix unless vendors update their apps.
Details on nOAuth abuse → https://thehackernews.com/2025/06/noauth-vulnerability-still-affects-9-of.html
Just an email + tenant access—no password, no MFA.
No alerts. No fix unless vendors update their apps.
Details on nOAuth abuse → https://thehackernews.com/2025/06/noauth-vulnerability-still-affects-9-of.html
👏8⚡5👍1
🔍 UPDATE: The Havoc backdoor used by Iranian hackers is far more advanced than we thought.
Injected via conhost.dll, it supports BOFs, token theft, lateral movement, and runs fully in memory.
Find details here → https://thehackernews.com/2025/05/iranian-hackers-maintain-2-year-access.html
Injected via conhost.dll, it supports BOFs, token theft, lateral movement, and runs fully in memory.
Find details here → https://thehackernews.com/2025/05/iranian-hackers-maintain-2-year-access.html
👏36🔥14🤔6😁2
This media is not supported in your browser
VIEW IN TELEGRAM
WhatsApp launches AI-generated message summaries using Meta AI—starting in the U.S.
It says messages stay private via encrypted “Private Processing,” but scrutiny is growing.
Details here → https://thehackernews.com/2025/06/whatsapp-adds-ai-powered-message.html
It says messages stay private via encrypted “Private Processing,” but scrutiny is growing.
Details here → https://thehackernews.com/2025/06/whatsapp-adds-ai-powered-message.html
😁36🤔9😱9
🚨 A critical AMI firmware flaw (CVSS 10.0) is now under active attack.
CISA just added it—alongside unpatched D-Link and old Fortinet bugs—to its KEV list.
One enables full remote takeover. Another is tied to Akira ransomware.
Here’s what’s at risk → https://thehackernews.com/2025/06/cisa-adds-3-flaws-to-kev-catalog.html
CISA just added it—alongside unpatched D-Link and old Fortinet bugs—to its KEV list.
One enables full remote takeover. Another is tied to Akira ransomware.
Here’s what’s at risk → https://thehackernews.com/2025/06/cisa-adds-3-flaws-to-kev-catalog.html
😁16
🚨Most orgs wrongly assume Salesforce backs up their data. It doesn’t.
Accidental deletions, failed automations, or ransomware? The Recycle Bin won’t help.
No metadata recovery. No rollback. No compliance support.
Here’s what that means — and what to do about it ↓ https://thehackernews.com/expert-insights/2025/06/your-salesforce-data-isnt-as-safe-as.html
Accidental deletions, failed automations, or ransomware? The Recycle Bin won’t help.
No metadata recovery. No rollback. No compliance support.
Here’s what that means — and what to do about it ↓ https://thehackernews.com/expert-insights/2025/06/your-salesforce-data-isnt-as-safe-as.html
😁11👏5🔥3
🚨 Hackers are selling access to African banks—and they’re hiding in plain sight.
They spoof Microsoft Teams & Palo Alto icons to drop spyware and backdoors like PoshC2 and Chisel.
Here’s how it works → https://thehackernews.com/2025/06/cyber-criminals-exploit-open-source.html
They spoof Microsoft Teams & Palo Alto icons to drop spyware and backdoors like PoshC2 and Chisel.
Here’s how it works → https://thehackernews.com/2025/06/cyber-criminals-exploit-open-source.html
👏21👍6🤔1
🚨 Iranian hackers are spear-phishing Israeli experts with AI-crafted fake Google Meet invites—stealing credentials and 2FA codes.
They’re posing as tech execs, using WhatsApp, and bypassing trust with custom phishing kits.
Here’s how they’re pulling it off ↓ https://thehackernews.com/2025/06/iranian-apt35-hackers-targeting-israeli.html
They’re posing as tech execs, using WhatsApp, and bypassing trust with custom phishing kits.
Here’s how they’re pulling it off ↓ https://thehackernews.com/2025/06/iranian-apt35-hackers-targeting-israeli.html
🔥54😁17⚡5👏4😱3👍2🤔2
This media is not supported in your browser
VIEW IN TELEGRAM
🚨 ClickFix attacks jumped 517% — now researchers warn of FileFix, a dangerous new PoC.
It tricks users into pasting a file path… that silently runs PowerShell.
Not active yet, but the method is worryingly simple — and ripe for abuse.
Details here → https://thehackernews.com/2025/06/new-filefix-method-emerges-as-threat.html
It tricks users into pasting a file path… that silently runs PowerShell.
Not active yet, but the method is worryingly simple — and ripe for abuse.
Details here → https://thehackernews.com/2025/06/new-filefix-method-emerges-as-threat.html
👏11
🚨 Cisco just patched two 10.0 CVSS flaws in ISE and ISE-PIC—unauthenticated RCE as root.
Attackers only need a crafted API call or file upload.
No workaround. If you're running 3.3+ or 3.4, patch now.
Details here → https://thehackernews.com/2025/06/critical-rce-flaws-in-cisco-ise-and-ise.html
Attackers only need a crafted API call or file upload.
No workaround. If you're running 3.3+ or 3.4, patch now.
Details here → https://thehackernews.com/2025/06/critical-rce-flaws-in-cisco-ise-and-ise.html
👏12👍4
🚨 SaaS is booming—but most companies are one wrong click away from disaster.
Native tools can’t protect against accidental deletions, insider threats, or ransomware.
The worst part? You won't know until it’s too late.
Learn more → https://thehackernews.com/2025/06/the-hidden-risks-of-saas-why-built-in.html
Native tools can’t protect against accidental deletions, insider threats, or ransomware.
The worst part? You won't know until it’s too late.
Learn more → https://thehackernews.com/2025/06/the-hidden-risks-of-saas-why-built-in.html
👍16⚡4🔥3
🚨 One flaw in Open VSX gave attackers full control over millions of developer machines.
They could've silently hijacked every VS Code extension.
The supply chain risk? Massive.
Here's how the breach almost happened — and why it matters now ↓ https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html
They could've silently hijacked every VS Code extension.
The supply chain risk? Massive.
Here's how the breach almost happened — and why it matters now ↓ https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html
😁10
🚨 Hackers are using Microsoft’s ClickOnce to deploy stealth malware—no admin rights, no alerts.
Targeting energy, oil & gas, the “OneClik” campaign hides Go-based backdoors via fake sites + AWS. It evades detection, hijacks trusted Windows processes, and mimics Cobalt Strike.
Learn more → https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
Targeting energy, oil & gas, the “OneClik” campaign hides Go-based backdoors via fake sites + AWS. It evades detection, hijacks trusted Windows processes, and mimics Cobalt Strike.
Learn more → https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
👏15🤔7🔥4👍3
🚨 Hackers are scanning MOVEit servers again—big spike started May 27.
Over 300 suspicious IPs hit in one day. Old ransomware bugs are being tested again.
If you use MOVEit, now’s the time to patch and lock it down.
Full story → https://thehackernews.com/2025/06/moveit-transfer-faces-increased-threats.html
Over 300 suspicious IPs hit in one day. Old ransomware bugs are being tested again.
If you use MOVEit, now’s the time to patch and lock it down.
Full story → https://thehackernews.com/2025/06/moveit-transfer-faces-increased-threats.html
👍10🔥3😱3
🚨 Chinese users targeted with fake WPS Office & DeepSeek sites—delivering Sainbox RAT + Hidden rootkit.
It’s the same group behind past fake Chrome installers.
Stealthy, low-effort, and still active.
Details → https://thehackernews.com/2025/06/chinese-group-silver-fox-uses-fake.html
It’s the same group behind past fake Chrome installers.
Stealthy, low-effort, and still active.
Details → https://thehackernews.com/2025/06/chinese-group-silver-fox-uses-fake.html
😁15🔥6🤔1
🚨 Up to 90% of SOC alerts are false positives.
Prophet AI filters noise, automates triage, and cuts response time from hours to minutes—boosting efficiency without adding headcount.
See how AI analysts transform your SOC → https://thehackernews.com/2025/06/business-case-for-agentic-ai-soc.html
Prophet AI filters noise, automates triage, and cuts response time from hours to minutes—boosting efficiency without adding headcount.
See how AI analysts transform your SOC → https://thehackernews.com/2025/06/business-case-for-agentic-ai-soc.html
😁13👏2🤔2