🚨 Russian defense firms hit by stealth cyberattack!
Hackers deployed a new backdoor—EAGLET—to spy on aerospace targets via fake logistics docs tied to sanctioned rail firms.
Read → https://thehackernews.com/2025/07/cyber-espionage-campaign-hits-russian.html
Hackers deployed a new backdoor—EAGLET—to spy on aerospace targets via fake logistics docs tied to sanctioned rail firms.
Read → https://thehackernews.com/2025/07/cyber-espionage-campaign-hits-russian.html
🔥19🤔6👏4👍1🤯1
🚨 Patchwork hacking group is targeting Turkish missile contractors.
DisguiPatchworkous LNK files to launch a stealthy 5-stage spyware chain—right as Türkiye deepens defense ties with Pakistan.
Full story → https://thehackernews.com/2025/07/patchwork-targets-turkish-defense-firms.html
DisguiPatchworkous LNK files to launch a stealthy 5-stage spyware chain—right as Türkiye deepens defense ties with Pakistan.
Full story → https://thehackernews.com/2025/07/patchwork-targets-turkish-defense-firms.html
😁15🤯5👍3🔥2
⚡ U.S. sanctions hit a North Korean front company and 3 individuals running a fake IT worker scheme—used to infiltrate 300+ U.S. firms and fund Kim’s weapons program.
One U.S. woman helped run it all from a 90-laptop farm in Arizona.
Full story ↓ https://thehackernews.com/2025/07/us-sanctions-firm-behind-n-korean-it.html
One U.S. woman helped run it all from a 90-laptop farm in Arizona.
Full story ↓ https://thehackernews.com/2025/07/us-sanctions-firm-behind-n-korean-it.html
🤯33🔥7😁5🤔4😱2
🛑 In case you missed it — Over 4,600 attacks. 300+ orgs hit.
A China-linked threat group is exploiting SharePoint flaws to drop Warlock ransomware on unpatched systems.
Patch now. Details here → https://thehackernews.com/2025/07/storm-2603-exploits-sharepoint-flaws-to.html
A China-linked threat group is exploiting SharePoint flaws to drop Warlock ransomware on unpatched systems.
Patch now. Details here → https://thehackernews.com/2025/07/storm-2603-exploits-sharepoint-flaws-to.html
😁19🔥8👏7
🚨 Six flaws rated CVSS 9.8 in Honeywell’s Niagara Framework could let attackers hijack smart buildings—HVAC, lighting, even security.
One misconfig? They steal admin tokens, plant backdoors, and run root code.
Used worldwide. Patch now.
Details here ↓ https://thehackernews.com/2025/07/critical-flaws-in-niagara-framework.html
One misconfig? They steal admin tokens, plant backdoors, and run root code.
Used worldwide. Patch now.
Details here ↓ https://thehackernews.com/2025/07/critical-flaws-in-niagara-framework.html
👍13🤔3🤯3
Scattered Spider is now hijacking VMware ESXi hypervisors—not with malware, but fake help desk calls.
They impersonate admins, reset passwords, and deploy ransomware directly from the hypervisor.
Google says it's fast, stealthy, and crippling.
Full story → https://thehackernews.com/2025/07/scattered-spider-hijacks-vmware-esxi-to.html
They impersonate admins, reset passwords, and deploy ransomware directly from the hypervisor.
Google says it's fast, stealthy, and crippling.
Full story → https://thehackernews.com/2025/07/scattered-spider-hijacks-vmware-esxi-to.html
⚡19👏6😁6
⚡ Zero-days exploited. State-backed schemes exposed. Ransomware shifts.
From insider arrests to AI-powered fraud, here’s what mattered in cyber this week—no fluff, just the signal.
🧵 Read now ↓ https://thehackernews.com/2025/07/weekly-recap-sharepoint-breach-spyware.html
From insider arrests to AI-powered fraud, here’s what mattered in cyber this week—no fluff, just the signal.
🧵 Read now ↓ https://thehackernews.com/2025/07/weekly-recap-sharepoint-breach-spyware.html
🔥14
Phishing filters aren’t enough anymore.
Attackers don’t need malware—just one stolen login to pivot across email, OAuth, chats & files undetected.
It’s time email security caught up to EDR.
Here’s what that looks like ↓ https://thehackernews.com/2025/07/email-security-is-stuck-in-antivirus.html
Attackers don’t need malware—just one stolen login to pivot across email, OAuth, chats & files undetected.
It’s time email security caught up to EDR.
Here’s what that looks like ↓ https://thehackernews.com/2025/07/email-security-is-stuck-in-antivirus.html
👍18
🚨 Update: CISA just added CVE-2025-20281 and CVE-2025-20337 to its Known Exploited Vulnerabilities list.
These Cisco ISE flaws allow remote, unauthenticated attackers to gain root access — and they're already being exploited.
Feds must patch by Aug 18.
Everyone else: don’t wait.
Read → https://thehackernews.com/2025/07/cisco-confirms-active-exploits.html
These Cisco ISE flaws allow remote, unauthenticated attackers to gain root access — and they're already being exploited.
Feds must patch by Aug 18.
Everyone else: don’t wait.
Read → https://thehackernews.com/2025/07/cisco-confirms-active-exploits.html
😁13🔥6🤔2👏1
🔥 ALERT: Toptal's GitHub was HACKED — attackers pushed 10 malicious npm packages.
They stole GitHub tokens, wiped systems silently, and racked up 5,000+ downloads before detection.
Here’s what devs need to know ↓ https://thehackernews.com/2025/07/hackers-breach-toptal-github-publish-10.html
They stole GitHub tokens, wiped systems silently, and racked up 5,000+ downloads before detection.
Here’s what devs need to know ↓ https://thehackernews.com/2025/07/hackers-breach-toptal-github-publish-10.html
😱21😁9🤯8⚡5👏1
🚨 CISA just confirmed active exploitation of a critical PaperCut bug (CVE-2023-2533) — attackers can hijack admin sessions to run code remotely.
It’s being used by ransomware gangs right now.
Patch before August 18 or risk breach.
Full details → https://thehackernews.com/2025/07/cisa-adds-papercut-ngmf-csrf.html
It’s being used by ransomware gangs right now.
Patch before August 18 or risk breach.
Full details → https://thehackernews.com/2025/07/cisa-adds-papercut-ngmf-csrf.html
👏7
🚨 100,000+ sites hacked in 2024’s biggest JavaScript injection attack.
Even React wasn’t safe — a trusted library was turned into a malware delivery system.
Here’s how modern JS threats are breaking your app → https://thehackernews.com/2025/07/why-react-didnt-kill-xss-new-javascript.html
Even React wasn’t safe — a trusted library was turned into a malware delivery system.
Here’s how modern JS threats are breaking your app → https://thehackernews.com/2025/07/why-react-didnt-kill-xss-new-javascript.html
👍8🤔1
🚨 A wave of mobile malware is sweeping Asia—targeting Android & iOS with fake apps, phishing, and spyware.
🔸 250+ fake dating & social apps (SarangTrap) stealing photos, contacts, SMS
🔸 Banking trojans like RedHook hijack devices in Vietnam
🔸 Fake Telegram & finance apps hit users in India, Korea, Bangladesh
🔸 Criminals now rent malware kits or buy access to infected phones
Cybercrime is now a business. Stay alert → https://thehackernews.com/2025/07/cybercriminals-use-fake-apps-to-steal.html
🔸 250+ fake dating & social apps (SarangTrap) stealing photos, contacts, SMS
🔸 Banking trojans like RedHook hijack devices in Vietnam
🔸 Fake Telegram & finance apps hit users in India, Korea, Bangladesh
🔸 Criminals now rent malware kits or buy access to infected phones
Cybercrime is now a business. Stay alert → https://thehackernews.com/2025/07/cybercriminals-use-fake-apps-to-steal.html
👍13😱7👏1
Chaos is back—and it's wearing a new mask.
A rebrand of BlackSuit (linked to Royal & Conti), the new Chaos #ransomware gang is hitting U.S. victims hard with $300K ransoms, voice phishing, RMM abuse & stealthy multi-threaded encryption.
Details here → https://thehackernews.com/2025/07/chaos-raas-emerges-after-blacksuit.html
A rebrand of BlackSuit (linked to Royal & Conti), the new Chaos #ransomware gang is hitting U.S. victims hard with $300K ransoms, voice phishing, RMM abuse & stealthy multi-threaded encryption.
Details here → https://thehackernews.com/2025/07/chaos-raas-emerges-after-blacksuit.html
🤔9
HACKasan 2025 is ON — and this year, it’s better than ever!
For the 4th year running, Pentera is hosting THE most epic Black Hat & DEF CON after-party, exclusively for cybersecurity pros on Thursday, August 7th!
🎧 Live DJ + drummer combo
🍸 Open bar
🌈 Legendary Hakkasan light show
💥 Cyber crowd only
👉 Register Today! Free of charge: https://thn.news/pentera-blackhat-party-2025
For the 4th year running, Pentera is hosting THE most epic Black Hat & DEF CON after-party, exclusively for cybersecurity pros on Thursday, August 7th!
🎧 Live DJ + drummer combo
🍸 Open bar
🌈 Legendary Hakkasan light show
💥 Cyber crowd only
👉 Register Today! Free of charge: https://thn.news/pentera-blackhat-party-2025
🔥9⚡5👏2
🚨 PyPI users are being phished — and the fake login pages look real.
Hackers spoofed PyPI emails & built replica sites that steal credentials, then forward victims to the legit site to cover their tracks.
Full details ↓ https://thehackernews.com/2025/07/pypi-warns-of-ongoing-phishing-campaign.html
Hackers spoofed PyPI emails & built replica sites that steal credentials, then forward victims to the legit site to cover their tracks.
Full details ↓ https://thehackernews.com/2025/07/pypi-warns-of-ongoing-phishing-campaign.html
🔥7😁3😱2
🚨 AI-powered vibe coding platform Base44 had a critical flaw: anyone with a public app_id could bypass SSO and access private apps—no auth required.
Wix patched it fast, but it exposes serious risks in AI dev platforms.
Full story → https://thehackernews.com/2025/07/wiz-uncovers-critical-access-bypass.html
Wix patched it fast, but it exposes serious risks in AI dev platforms.
Full story → https://thehackernews.com/2025/07/wiz-uncovers-critical-access-bypass.html
😁13🤯7⚡3
🚨 The browser is now the front line of cyber attacks.
Phishing, infostealers & token hijacking are bypassing MFA, targeting SaaS logins, and owning orgs — all in the browser.
Identity is the prize. And most teams aren’t watching.
Here’s why it matters ↓ https://thehackernews.com/2025/07/how-browser-became-main-cyber.html
Phishing, infostealers & token hijacking are bypassing MFA, targeting SaaS logins, and owning orgs — all in the browser.
Identity is the prize. And most teams aren’t watching.
Here’s why it matters ↓ https://thehackernews.com/2025/07/how-browser-became-main-cyber.html
🤯14🔥4😁1
⚡ Scattered Spider hacker group just went quiet—but don’t exhale yet.
After UK arrests, Mandiant says the group’s intrusions have stopped.
But copycats are already using their same ruthless tactics.
Now’s the moment to harden your defenses.
Read - https://thehackernews.com/2025/07/scattered-spider-hacker-arrests-halt.html
After UK arrests, Mandiant says the group’s intrusions have stopped.
But copycats are already using their same ruthless tactics.
Now’s the moment to harden your defenses.
Read - https://thehackernews.com/2025/07/scattered-spider-hacker-arrests-halt.html
👏11👍3
A critical SAP flaw just gave hackers remote access to a U.S. chemicals company.
They deployed Auto-Color—stealthy Linux malware that hides itself when it can’t reach its C2 server.
Details you need to know ↓ https://thehackernews.com/2025/07/hackers-exploit-sap-vulnerability-to.html
They deployed Auto-Color—stealthy Linux malware that hides itself when it can’t reach its C2 server.
Details you need to know ↓ https://thehackernews.com/2025/07/hackers-exploit-sap-vulnerability-to.html
🔥17😁2
🚨 Most ransomware attacks don’t hack in—they log in.
EDR alone can’t stop attackers using legit credentials.
The fix? Pair it with Endpoint Privilege Management (EPM) to shut down stealthy privilege abuse before it starts.
Here’s why both are critical ↓ https://thehackernews.com/expert-insights/2025/07/edr-detects-epm-prevents-why-using-both.html
EDR alone can’t stop attackers using legit credentials.
The fix? Pair it with Endpoint Privilege Management (EPM) to shut down stealthy privilege abuse before it starts.
Here’s why both are critical ↓ https://thehackernews.com/expert-insights/2025/07/edr-detects-epm-prevents-why-using-both.html
👏13🤔3