🚨 China-backed hackers just impersonated top U.S. officials to steal intel.

They posed as the House China Committee chair & the U.S.-China Business Council, luring trade experts—then slipped in a Visual Studio Code backdoor.

Here’s the full report→ https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html

⚠️ Quantum hackers could shatter today’s encryption overnight.
🤖 AI attacks already trick 60%—breaches cost $10M+.

The cyber storm is here. Join our next expert WEBINAR to learn how to lock down your data before Q-day.

👉 Save your seat now ↓ https://thehackernews.com/2025/09/from-quantum-hacks-to-ai-defenses.html

🛡️ No more guessing on container security. Securing the Stack breaks down what really works—from busting myths and risks, to building trusted images, to securing your full CI/CD pipeline.

Get the expert blueprint your team needs to lock down vulnerabilities and ship software with confidence.

➡️ Join the 20-min webinar to learn why simply containerizing your applications does not make them safe: https://thn.news/stack-security-webinar

🚨 AI-powered hotel hack on the rise:

Cyber gang TA558 (RevengeHotels) is using LLM-generated phishing emails in Portuguese & Spanish to drop Venom RAT—a $650 malware that steals guest credit-card data, kills Microsoft Defender & spreads via USB 🏨💳

Full report → https://thehackernews.com/2025/09/ta558-uses-ai-generated-scripts-to.html

🚨 UPDATE: New intel on Russia’s APT28 attack...

Sekoia says Operation Phantom Net Voxel used Signal to send booby-trapped Word docs, dropping COVENANT & BEARDSHELL malware.

Full update → https://thehackernews.com/2025/06/apt28-uses-signal-chat-to-deploy.html

🚨 Chrome users: a new zero-day is under active attack.

CVE-2025-10585 targets Chrome’s V8 engine—Chrome’s 6th zero-day of 2025.

Details → https://thehackernews.com/2025/09/google-patches-chrome-zero-day-cve-2025.html

⚡ Update now: 140.0.7339.185/.186 (Win/macOS), 140.0.7339.185 (Linux).

If you use Edge/Brave/Opera/Vivaldi, patch too.

🕵️‍♀️ Two fake Python packages just dropped a powerful RAT on Windows.

“sisaws” & “secmeasure” secretly install SilentSync — capable of stealing browser passwords, files, and screenshots.

Full story → https://thehackernews.com/2025/09/silentsync-rat-delivered-via-two.html

🔥 AI is now the biggest career risk for CISOs—bigger than any breach.

⚡Move too fast → data leaks & shadow AI spread.
🐢Move too slow → rivals race ahead.

How to stay secure and competitive ↓ https://thehackernews.com/2025/09/how-cisos-can-drive-effective-ai.html

⚠️ ‘CountLoader’ is arming Russian ransomware (LockBit, Black Basta, Qilin)—dropping Cobalt Strike, AdaptixC2 & PureHVNC.

It spreads via fake Ukrainian police PDFs & DeepSeek lures, hijacks browsers, hides as “Google Update,” and abuses certutil/bitsadmin.

Details → https://thehackernews.com/2025/09/countloader-broadens-russian-ransomware.html

🚨 SonicWall Breach Alert: Hackers broke into its cloud backups and accessed firewall config files for <5% of customers.

⚠️ Encrypted credentials were inside—but the stolen data could help attackers exploit those firewalls next.

Here’s what every SonicWall user needs to do ↓ https://thehackernews.com/2025/09/sonicwall-urges-password-resets-after.html

❓What do you get when you combine AI + Quantum? Great potential.

But when it comes to cybersecurity, you also get challenges.

Quantum + AI are already reshaping cyber risk.

Hear all about it from ex-NIST, Nokia Bell Labs & global security leaders in our live webinar ↓ https://thehackernews.uk/ai-quantum-webinar

🚨 Hackers exploited 2 zero-day flaws in Ivanti EPMM to hijack servers.

CISA says they dropped custom Java malware that lets them run any code, steal LDAP creds & stay hidden.

Patch immediately or risk a breach.

Full details → https://thehackernews.com/2025/09/cisa-warns-of-two-malware-strains.html

🚨 UK just busted two Scattered Spider hackers—19 & 18—behind the massive TfL cyberattack.

💥 One of them, Thalha Jubair, is also charged in the US for 120+ hacks & $115M in ransoms. He could face 95 years.

Full story → https://thehackernews.com/2025/09/uk-arrest-two-teen-scattered-spider.html

🚨 Two FSB-linked hacking crews—Gamaredon + Turla—are now working together to hit Ukraine’s defense networks.

Gamaredon’s custom tools (PteroGraphin, PteroOdd, PteroPaste) secretly planted Turla’s Kazuar v2/v3 backdoor on Ukrainian systems.

Here’s what to know → https://thehackernews.com/2025/09/russian-hackers-gamaredon-and-turla.html

🚨 AI agents are reshaping business—but also exposing fresh security risks.

🔒 Auth0’s free webinar shows how to spot the hidden threats & lock them down before attackers strike.

Don’t wait. Watch now → https://thehacker.news/ai-agents-security

⚡ Security teams, say goodbye to slow alert triage.

Tines’ new free AI workflow auto-grabs SOPs from Confluence and fixes threats on its own—while keeping your team updated on Slack.

⚠️ Faster response, less burnout, zero missed steps.

Full guide → https://thehackernews.com/2025/09/how-to-automate-alert-triage-with-ai.html

🚨 17,500+ phishing sites. 316 brands. 74 countries.

A Chinese-speaking gang’s PhaaS kits “Lucid” & “Lighthouse” let criminals launch full-scale attacks for as little as $88 a week.

Email phishing jumped 25% in a month.

Details here → https://thehackernews.com/2025/09/17500-phishing-domains-target-316.html