🚨 A global crypto fraud ring just got busted—€460M laundered, 5,000+ victims worldwide.

The twist? It’s tied to scam compounds using forced labor and AI-powered romance baiting.

This is industrialized cybercrime.

Full story ↓ https://thehackernews.com/2025/06/europol-dismantles-540-million.html

🚨 U.S. agencies warn: Iranian-linked hackers may strike soon.

Targets? Defense firms tied to Israel. Tactics? Password cracking, phishing, OT access.

The threat is rising—even amid ceasefire talks.

Full details + mitigations → https://thehackernews.com/2025/06/us-agencies-warn-of-rising-iranian.html

🚨 Microsoft is killing password support in its Authenticator app by August 2025.

Autofill dies in July.
Saved logins? Only accessible in Edge—if it’s your default autofill.

Don’t export in time? You lose them.

What to know + what to do ↓ https://thehackernews.com/2025/07/microsoft-removes-password-management.html

🚨 North Korea infiltrated 100+ U.S. companies using fake remote workers—stealing data, crypto & defense tech.

They even used AI to forge voices, documents & LinkedIn profiles.

The worst part? Some were praised as top talent.

Full story → https://thehackernews.com/2025/07/us-arrests-key-facilitator-in-north.html

🚨 A new Chrome zero-day is already being exploited in the wild.

Discovered by Google TAG on June 25, CVE-2025-6554 lets attackers run malicious code via a crafted web page.

It targets Chrome’s V8 engine—again.

Update now → https://thehackernews.com/2025/07/google-patches-critical-zero-day-flaw.html

🚨 Compliance ≠ Trust.

Join Vanta and Matt Johansen, Founder & Security Researcher at Vulnerable U, on July 23 to unpack the new Trust Maturity Report and explore what real security trust looks like—at every stage of growth.

Don’t miss the session: Security, AI, and Trust: Reviewing Vanta’s Trust Maturity Report → https://thn.news/trust-ai-security-webinar

🚨 85% of work now happens in the browser—yet most orgs still can’t see what’s pasted into ChatGPT.

A new guide exposes how GenAI, BYOD, and rogue extensions turned the browser into the #1 blind spot in enterprise security.

Get the fix → https://thehackernews.com/2025/07/a-new-maturity-model-for-browser.html

🚨 Verified? Think again.

Malicious extensions can pose as trusted in VS Code, IntelliJ, Visual Studio & #Cursor—bypassing checks and running OS commands.

The “verified” badge isn’t protection. Even Microsoft’s filters missed it.

Full details → https://thehackernews.com/2025/07/new-flaw-in-ides-like-visual-studio.html

🚨 Russia-linked hackers are now blurring the line between cybercrime and espionage.

TA829 & UNK_GreenSec are using identical tactics—fake job lures, IPFS malware, REM Proxies—to drop ransomware and spy tools.

Read details → https://thehackernews.com/2025/07/ta829-and-unkgreensec-share-tactics-and.html

🚨 Critical RCE flaw hits Anthropic’s AI dev tool.

Just visiting a malicious site could let hackers run code on your machine.

It targets localhost—using a 19-year-old browser bug.

MCP Inspector < v0.14.1 is at risk.

Patch now → https://thehackernews.com/2025/07/critical-vulnerability-in-anthropics.html

🚨 Hackers are now using AI tools like Vercel's v0 to spin up fake login pages—just from text prompts.

They’re cloning trusted brands, hosting on legit platforms, and bypassing old phishing methods.

The AI phishing era is here.

Read details here → https://thehackernews.com/2025/07/vercels-v0-ai-tool-weaponized-by.html

🚨 AI agents are leaking sensitive enterprise data — and most orgs don’t even know it.

GenAI tools often connect to S3, SharePoint, Google Drive… without proper controls.

The risk? Silent breaches.

Join the webinar on July 7 to learn how to secure your AI workflows ↓ https://thehacker.news/securing-ai-agents-workflows?source=social

🚨 U.S. sanctions Russian hosting firm Aeza Group for fueling ransomware, data theft & drug trade.

Its CEO ran dark web drug markets. Its servers powered RomCom, RedLine, and Doppelganger ops.

This wasn't just hosting—it was cybercrime infrastructure.

READ → https://thehackernews.com/2025/07/us-sanctions-russian-bulletproof.html

🚨 Hackers now talk you into getting hacked.

PDF phishing emails impersonate Microsoft, PayPal, DocuSign—urging you to call fake support lines.

On the call, they steal your info or install malware.

FBI, Cisco, and Varonis warn: it’s rising fast.

Read how it works → https://thehackernews.com/2025/07/hackers-using-pdfs-to-impersonate.html

🚨 Nearly 80% of cyberattacks now look like normal user behavior.

EDR alone can’t see through it—and attackers know it.

The fix? Elite SOCs are layering in Network Detection & Response (NDR) to catch what endpoints miss.

Here’s how it works ↓ https://thehackernews.com/2025/07/that-network-traffic-looks-legit-but-it.html

🚀 Just dropped: the SAIL (Secure AI Lifecycle) Framework - open-source & free

Pillar Security teamed up with AI security leaders from companies like Google, Salesforce, and ServiceNow to create the first process-driven playbook for building and shipping secure AI applications.

🔸 7 development phases with actionable controls
🔸 70 + AI-specific risks and their mitigations
🔸 Mapped to NIST AI RMF, ISO 42001, OWASP & DASF

🔗 The framework is free and open to the community: https://thn.news/ai-security-sail-guide

🚨 North Korean hackers are targeting crypto firms, Mac users, and national security experts—using fake Zoom links, job sites, and research requests.

They’re spreading malware through Nim, AppleScript, PowerShell, even GitHub & Dropbox.

See how it works → https://thehackernews.com/2025/07/north-korean-hackers-target-web3-with.html

🚨 Cisco just patched a 10.0 CVSS flaw that let attackers log in as root—no config needed.

The backdoor? A static dev credential left in production.

It affected all Unified CM v15.0.1 builds.

Full details → https://thehackernews.com/2025/07/critical-cisco-vulnerability-in-unified.html

🚨 Chinese hackers hit France’s critical sectors using 3 Ivanti zero-days — and then patched them to keep others out.

Rootkits, web shells, and resale of access hint at a black-market cyber operation selling to state-linked buyers.

Find details here → https://thehackernews.com/2025/07/chinese-hackers-exploit-ivanti-csa-zero.html

🚨 40+ fake crypto wallet extensions on Firefox were stealing users’ keys and IPs — in plain sight.

They cloned real wallets like MetaMask & Coinbase, faked 5-star reviews, and exfiltrated secrets to a remote server.

Full story → https://thehackernews.com/2025/07/over-40-malicious-firefox-extensions.html

🚨 DEVMAN is a new threat actor already claiming 40 victims across Asia, EU, LATAM, and Africa.

It's affiliated with Qilin, RansomHub, and DragonForce RaaS groups, targeting business and government.

Read technical analysis of the ransomware it uses on #ANYRUN's blog: https://thn.news/devman-ransomware-analysis-tg