🚨 SaaS is booming—but most companies are one wrong click away from disaster.

Native tools can’t protect against accidental deletions, insider threats, or ransomware.

The worst part? You won't know until it’s too late.

Learn more → https://thehackernews.com/2025/06/the-hidden-risks-of-saas-why-built-in.html

🚨 One flaw in Open VSX gave attackers full control over millions of developer machines.

They could've silently hijacked every VS Code extension.

The supply chain risk? Massive.

Here's how the breach almost happened — and why it matters now ↓ https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html

🚨 Hackers are using Microsoft’s ClickOnce to deploy stealth malware—no admin rights, no alerts.

Targeting energy, oil & gas, the “OneClik” campaign hides Go-based backdoors via fake sites + AWS. It evades detection, hijacks trusted Windows processes, and mimics Cobalt Strike.

Learn more → https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html

🚨 Hackers are scanning MOVEit servers again—big spike started May 27.

Over 300 suspicious IPs hit in one day. Old ransomware bugs are being tested again.

If you use MOVEit, now’s the time to patch and lock it down.

Full story → https://thehackernews.com/2025/06/moveit-transfer-faces-increased-threats.html

🚨 Chinese users targeted with fake WPS Office & DeepSeek sites—delivering Sainbox RAT + Hidden rootkit.

It’s the same group behind past fake Chrome installers.

Stealthy, low-effort, and still active.

Details → https://thehackernews.com/2025/06/chinese-group-silver-fox-uses-fake.html

🚨 Up to 90% of SOC alerts are false positives.

Prophet AI filters noise, automates triage, and cuts response time from hours to minutes—boosting efficiency without adding headcount.

See how AI analysts transform your SOC → https://thehackernews.com/2025/06/business-case-for-agentic-ai-soc.html

🚨 China-linked hackers just targeted Tibetans with fake documents tied to the Dalai Lama & WPCT.

Behind it? Mustang Panda’s new malware chain: Claimloader → PUBLOAD → Pubshell (reverse shell access).

The twist? It spreads via Google Drive links & even USB worms.

Learn more → https://thehackernews.com/2025/06/pubload-and-pubshell-malware-used-in.html

🚨 1,000+ hacked home & office devices turned into a covert spying network for Chinese ops.

Worse? The malware mimics the LAPD—and it’s still growing quietly across the US + Asia.

Details on “LapDogs” & the backdoor behind it → https://thehackernews.com/2025/06/over-1000-soho-devices-hacked-in-china.html

🚨 Facebook now asks to upload your phone photos—even unposted ones—to generate AI recaps, collages, and story ideas.

Say yes, and Meta can scan faces, locations, and more.

Full story → https://thehackernews.com/2025/06/facebooks-new-ai-tool-requests-photo.html

🚨 A Ukrainian military phishing campaign just escalated.

GIFTEDCROOK malware now steals not just browser data—but sensitive documents, emails, and VPN configs.

It hides in fake Excel files, exfiltrates via Telegram, and wipes its tracks.

The goal? Targeted intelligence ops.

Full report → https://thehackernews.com/2025/06/giftedcrook-malware-evolves-from.html

🚨 Scattered Spider is now targeting airlines, FBI warns.

Their method? Impersonate staff, trick help desks, bypass MFA—no malware needed.

Why it matters: Even C-level accounts are being hijacked with just a phone call.

Details here → https://thehackernews.com/2025/06/fbi-warns-of-scattered-spiders.html

🚨 83% of attacks now involve stolen credentials—and machines outnumber humans 50 to 1.

The real threat? Leaked API keys & orphaned tokens silently granting access across your stack.

GitGuardian just launched a smarter way to track every secret & secure your non-human identities.

Details here → https://thehackernews.com/2025/06/leveraging-credentials-as-unique.html

🚨 Blind Eagle is back—now using Russian bulletproof hosting (Proton66) to launch phishing attacks on Colombian banks.

They’re hiding malware in fake login pages & encrypted scripts.

The RATs they use are open-source—and still effective.

Full story → https://thehackernews.com/2025/06/blind-eagle-uses-proton66-hosting-for.html

🚨 A global crypto fraud ring just got busted—€460M laundered, 5,000+ victims worldwide.

The twist? It’s tied to scam compounds using forced labor and AI-powered romance baiting.

This is industrialized cybercrime.

Full story ↓ https://thehackernews.com/2025/06/europol-dismantles-540-million.html

🚨 U.S. agencies warn: Iranian-linked hackers may strike soon.

Targets? Defense firms tied to Israel. Tactics? Password cracking, phishing, OT access.

The threat is rising—even amid ceasefire talks.

Full details + mitigations → https://thehackernews.com/2025/06/us-agencies-warn-of-rising-iranian.html

🚨 Microsoft is killing password support in its Authenticator app by August 2025.

Autofill dies in July.
Saved logins? Only accessible in Edge—if it’s your default autofill.

Don’t export in time? You lose them.

What to know + what to do ↓ https://thehackernews.com/2025/07/microsoft-removes-password-management.html

🚨 North Korea infiltrated 100+ U.S. companies using fake remote workers—stealing data, crypto & defense tech.

They even used AI to forge voices, documents & LinkedIn profiles.

The worst part? Some were praised as top talent.

Full story → https://thehackernews.com/2025/07/us-arrests-key-facilitator-in-north.html

🚨 A new Chrome zero-day is already being exploited in the wild.

Discovered by Google TAG on June 25, CVE-2025-6554 lets attackers run malicious code via a crafted web page.

It targets Chrome’s V8 engine—again.

Update now → https://thehackernews.com/2025/07/google-patches-critical-zero-day-flaw.html

🚨 Compliance ≠ Trust.

Join Vanta and Matt Johansen, Founder & Security Researcher at Vulnerable U, on July 23 to unpack the new Trust Maturity Report and explore what real security trust looks like—at every stage of growth.

Don’t miss the session: Security, AI, and Trust: Reviewing Vanta’s Trust Maturity Report → https://thn.news/trust-ai-security-webinar

🚨 85% of work now happens in the browser—yet most orgs still can’t see what’s pasted into ChatGPT.

A new guide exposes how GenAI, BYOD, and rogue extensions turned the browser into the #1 blind spot in enterprise security.

Get the fix → https://thehackernews.com/2025/07/a-new-maturity-model-for-browser.html

🚨 Verified? Think again.

Malicious extensions can pose as trusted in VS Code, IntelliJ, Visual Studio & #Cursor—bypassing checks and running OS commands.

The “verified” badge isn’t protection. Even Microsoft’s filters missed it.

Full details → https://thehackernews.com/2025/07/new-flaw-in-ides-like-visual-studio.html