Hackers just dropped a new .NET backdoor disguised as a tax notice.
Open the ZIP β boom, your dataβs gone.
It even runs through legit Windows tools so nothing looks off.
Full story β https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html
Open the ZIP β boom, your dataβs gone.
It even runs through legit Windows tools so nothing looks off.
Full story β https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html
π15π€―11π₯7π5
π£ Europol just dismantled a SIM farm-for-hire platform that powered 49 million fake accounts used for global fraud.
It let anyone rent verified phone numbers from 80+ countries β to scam, extort, or launder money.
Details β https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html
It let anyone rent verified phone numbers from 80+ countries β to scam, extort, or launder money.
Details β https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html
π₯44π€―12π8π7β‘4π3π±3π€2
π΅οΈ China says the NSA hacked its national time servers β the system that keeps everything in sync.
If that clock went down, it couldβve hit banks, power grids, even space launches.
The attack used foreign SMS exploits, forged certs, and 42 stealth tools.
Read β https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html
If that clock went down, it couldβve hit banks, power grids, even space launches.
The attack used foreign SMS exploits, forged certs, and 42 stealth tools.
Read β https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html
π₯37π14π±13π€8β‘3π3π2π€―1
π¨ 131 Chrome extensions were caught turning WhatsApp Web into spam bots.
They look like βCRM tools,β but secretly send bulk messages.
Over 20,000 users already installed them.
Full details β https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html
They look like βCRM tools,β but secretly send bulk messages.
Over 20,000 users already installed them.
Full details β https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html
π14π₯4π€3
π΄ Silent breaches, blockchain malware, and new Android exploits β this weekβs threat roundup proves attackers are getting bolder and smarter.
Catch the highlights:
β‘ F5 breach
β‘ EtherHiding malware
β‘ Cisco rootkits
β‘ Pixnapping 2FA theft
Read WEEKLY RECAP β https://thehackernews.com/2025/10/weekly-recap-f5-breached-linux-rootkits.html
Catch the highlights:
β‘ F5 breach
β‘ EtherHiding malware
β‘ Cisco rootkits
β‘ Pixnapping 2FA theft
Read WEEKLY RECAP β https://thehackernews.com/2025/10/weekly-recap-f5-breached-linux-rootkits.html
π8π1π₯1
π¨ A fake CAPTCHA just breached hospitals, universities, and city networks.
The scary part? Victims copied the attack code themselves β straight from their browser.
Itβs called ClickFix, and it hijacks users through βfix this pageβ pop-ups β no downloads, no phishing email needed.
See how it slips past every control β https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html
The scary part? Victims copied the attack code themselves β straight from their browser.
Itβs called ClickFix, and it hijacks users through βfix this pageβ pop-ups β no downloads, no phishing email needed.
See how it slips past every control β https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html
π32π±10π₯5π€―3β‘2π2
A Chinese-linked hacking group breached Europeβs telecom defenses β weaponizing antivirus software.
They planted a backdoor in legitimate Norton and Bkav installs.
Payload: SnappyBee, a new ShadowPad variant delivered via DLL side-loading.
Learn more β https://thehackernews.com/2025/10/hackers-used-snappybee-malware-and.html
They planted a backdoor in legitimate Norton and Bkav installs.
Payload: SnappyBee, a new ShadowPad variant delivered via DLL side-loading.
Learn more β https://thehackernews.com/2025/10/hackers-used-snappybee-malware-and.html
π₯10π€5π3π€―3π±2
Russiaβs COLDRIVER hackers rebuilt their malware tools in just 5 days.
Meet NOROBOT, YESROBOT, and MAYBEROBOT β hidden behind fake CAPTCHA checks and PowerShell tricks.
Google just exposed how they did it β https://thehackernews.com/2025/10/google-identifies-three-new-russian.html
Meet NOROBOT, YESROBOT, and MAYBEROBOT β hidden behind fake CAPTCHA checks and PowerShell tricks.
Google just exposed how they did it β https://thehackernews.com/2025/10/google-identifies-three-new-russian.html
π14π₯6β‘4π€―4
β οΈ 7 out of 10 threats faced by SOCs begin with phishing.
Phishkits dominate the threat landscape and become increasingly harder to detect.
Act now to set up strong defenses with fresh, actionable intel from 15K orgs β€΅οΈ https://thn.news/threat-intel-tg
Phishkits dominate the threat landscape and become increasingly harder to detect.
Act now to set up strong defenses with fresh, actionable intel from 15K orgs β€΅οΈ https://thn.news/threat-intel-tg
π7π2π€2
β οΈ Your AppSec blind spots are costing you.
The gap between code and cloud runtime drives 90% of delayed fixesβand missed accountability.
Map vulnerabilities, misconfigs, and secrets across your pipeline to regain control.
Cut the noise. Reduce risk. Start now β https://thehacker.news/code-to-cloud-appsec
The gap between code and cloud runtime drives 90% of delayed fixesβand missed accountability.
Map vulnerabilities, misconfigs, and secrets across your pipeline to regain control.
Cut the noise. Reduce risk. Start now β https://thehacker.news/code-to-cloud-appsec
π€6
π₯ Your Cisco, ASUS, QNAP, or Synology router might secretly be part of a botnet.
A new threat called PolarEdge is hiding inside routers, turning them into undetectable spies using a secret TLS server and a hidden config file.
Exploit chain, IOCs & decryption trick β https://thehackernews.com/2025/10/polaredge-targets-cisco-asus-qnap.html
A new threat called PolarEdge is hiding inside routers, turning them into undetectable spies using a secret TLS server and a hidden config file.
Exploit chain, IOCs & decryption trick β https://thehackernews.com/2025/10/polaredge-targets-cisco-asus-qnap.html
π8π₯2π€2
Meta just rolled out new anti-scam tools for WhatsApp & Messenger.
β οΈ Screen-share warnings
π€ AI scam detection
π¨ Instant alerts
... but one setting quietly breaks π encryption.
Learn more β https://thehackernews.com/2025/10/meta-rolls-out-new-tools-to-protect.html
β οΈ Screen-share warnings
π€ AI scam detection
π¨ Instant alerts
... but one setting quietly breaks π encryption.
Learn more β https://thehackernews.com/2025/10/meta-rolls-out-new-tools-to-protect.html
π12π±6π4π₯3
Every new AI tool in your SOC adds another way in for attackers.
The defender might now be the weak spot.
AI agents are making decisions on their own β and trust just became an identity problem.
Learn how to secure them before someone else does β https://thehackernews.com/2025/10/securing-ai-to-benefit-from-ai.html
The defender might now be the weak spot.
AI agents are making decisions on their own β and trust just became an identity problem.
Learn how to secure them before someone else does β https://thehackernews.com/2025/10/securing-ai-to-benefit-from-ai.html
π10π7π₯2
π¨ TP-Linkβs Omada gateways just got hit with four major security flaws β two can let hackers run commands without logging in.
A remote attacker could take full control β no password needed.
Patch now. Details β https://thehackernews.com/2025/10/tp-link-patches-four-omada-gateway.html
A remote attacker could take full control β no password needed.
Patch now. Details β https://thehackernews.com/2025/10/tp-link-patches-four-omada-gateway.html
π15π€―6π₯1
A tiny Rust bug just broke thousands of builds.
Itβs called TARmageddon (CVE-2025-62518) β a flaw in the async-tar library that lets attackers slip hidden files inside nested TAR archives.
Unpatched since 2023, developers are now racing to fix it β https://thehackernews.com/2025/10/tarmageddon-flaw-in-async-tar-rust.html
Itβs called TARmageddon (CVE-2025-62518) β a flaw in the async-tar library that lets attackers slip hidden files inside nested TAR archives.
Unpatched since 2023, developers are now racing to fix it β https://thehackernews.com/2025/10/tarmageddon-flaw-in-async-tar-rust.html
π16π₯1π€1
π¨ PassiveNeuron is still active.
Hackers are breaking in through Microsoft SQL servers, planting custom malware (Neursite & NeuralExecutor), and even using GitHub to hide their command servers β a rare move in state-level spying.
Full story β https://thehackernews.com/2025/10/researchers-identify-passiveneuron-apt.html
Hackers are breaking in through Microsoft SQL servers, planting custom malware (Neursite & NeuralExecutor), and even using GitHub to hide their command servers β a rare move in state-level spying.
Full story β https://thehackernews.com/2025/10/researchers-identify-passiveneuron-apt.html
π₯14π3
π€ Nearly 40% of alerts still go unseen.
AI-SOCs now handle triage, cut false positives, and alert teams with full context. But as Shahar Ben-Hador explains β outsource or not, you still own the breach.
$30K vs $100K+β¦ hereβs who should switch β https://thehackernews.com/expert-insights/2025/10/what-happens-to-mssps-and-mdrs-in-age.html
AI-SOCs now handle triage, cut false positives, and alert teams with full context. But as Shahar Ben-Hador explains β outsource or not, you still own the breach.
$30K vs $100K+β¦ hereβs who should switch β https://thehackernews.com/expert-insights/2025/10/what-happens-to-mssps-and-mdrs-in-age.html
π4π₯2π€1
π 8-character passwords are dead.
π Hackers crack βP@ssw0rd!β in months.
π‘ The fix isnβt symbols β itβs length.
16 simple letters beat any complex mix.
Use words, not symbols.
Why your policy still fails β https://thehackernews.com/2025/10/why-you-should-swap-passwords-for.html
π Hackers crack βP@ssw0rd!β in months.
π‘ The fix isnβt symbols β itβs length.
16 simple letters beat any complex mix.
Use words, not symbols.
Why your policy still fails β https://thehackernews.com/2025/10/why-you-should-swap-passwords-for.html
π₯22π8π€3