🔑 Is Your Password Hash Secure Enough? Modern attackers use GPU-powered tools to crack even long, complex passwords protected by weak algorithms.

Don’t leave your passwords exposed. Discover how to defeat password-cracking tools and protect your accounts: https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html

🚨 ALERT: Cybercriminals are hijacking ESXi systems to tunnel traffic and remain hidden on networks for extended periods.

Native tools like SSH allow attackers to blend in with legitimate traffic, bypassing detection and making it nearly impossible to spot them.

Read: https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html

The #1 threat to technical work at scale is poor communication.

A study conducted by Harvard University, the Carnegie Foundation, and Stanford Research Center found that 85% of job success comes from soft skills (such as people skills), whereas only 15% stems from hard skills (such as technical capabilities).

Soft skills can distinguish you to help preserve or even further your career, but if they’re not developed, they can create a ceiling over your growth.

Whether sharing status updates on a virtual standup meeting or delivering a keynote tech talk at an in-person conference, how you communicate your work can either fuel its growth or snuff out its success.

If you’re looking to improve your communication and presentation skills, look no further than the new book, Luminary: Master the Art and Science of Storytelling for Technical Professionals.

Learn more about the book and how it can help you and your work advance here: https://thn.news/storytelling-technical-professionals

⚔️ Prepare for battle. Defend your network. Master your craft.

At SANS live training events, you'll:
✅ Train with cybersecurity legends
✅ Get hands-on with real-world threats
✅ Build your future with certifications

🎯 Find your next event: 👉 https://thn.news/sans-training-tel

#SANSLiveTraining #SANS

🚨 Cybersecurity experts discovered a flaw in a popular travel service that let hackers hijack accounts with a simple click.

Attackers could impersonate victims, book travel, and even use loyalty points!

Learn how: https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html

⚠️ A new phishing email campaign is taking over Poland & Germany, using fake order receipts to infect machines with Agent Tesla, Snake Keylogger, and TorNet malware.

Read the full story: https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html

🔒 SOCs Drowning in Alerts? AI-powered SOC Analysts now triage & investigate within MINUTES!

Speed, accuracy, and efficiency—ALL in one solution, reducing breach impact and costs.

Find out how AI is transforming SOCs: https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html

🚨 URGENT: Critical Zero-Day Alert!

Thousands of Zyxel CPE devices are being actively exploited by attackers. Over 1,500 devices exposed globally.

⤷ Limit admin access
⤷ Filter traffic for unusual requests

🔗 Read: https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html

🚨 WATCH OUT: A new vulnerability, CVE-2025-22217, in VMware Avi Load Balancer could give attackers full access to your databases!

No workarounds—only updates will protect you.

Running affected versions? Learn more: https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html

🛑 UAC-0063 has been using stolen documents from Kazakhstan’s Ministry of Foreign Affairs to spear-phish targets and deploy HATVIBE malware.

👉 Read the full details on UAC-0063’s evolving tactics: https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html

⚠️ A critical flaw (CVE-2025-22604) in Cacti could lead to remote code execution. If exploited, authenticated attackers could steal or manipulate sensitive data.

Patch to version 1.2.29 to fix this flaw and protect your systems.

Learn more: https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html

🚨 Apple Silicon CPUs hit by 2 new vulnerabilities: SLAP & FLOP

These attacks target Load Address and Load Value Predictors in Apple CPUs, risking exposure of your:

⤷ Location history
⤷ Calendar events
⤷ Sensitive data

🔗 Read: https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html

🔥 AI isn’t just a trend in cybersecurity—it’s already reshaping how teams defend against threats.

But are we fully prepared to tackle its challenges?

In this latest #webinar, you’ll discover:
⤷ Real insights from 200 cybersecurity professionals using AI today
⤷ What’s working & what’s not in the world of AI-driven security
⤷ The real hurdles—data issues, transparency, and more

👨‍💻 Join Now and discover how to make AI work harder for you: https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html

🛑 North Korea's Lazarus Group is now using a powerful web-based admin panel to coordinate cyberattacks across the globe.

233 targets, mostly in crypto, with a surge in India—110 new victims just in January.

Learn more: https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html

⚠️ New Mirai Botnet Variant Aquabot Targets CVE-2024-41710 in Mitel Phones for DDoS Attacks.

The flaw affects Mitel 6800, 6900, 6900w phones and Mitel 6970 Conference Units. Attackers have been exploiting CVE-2024-41710 since January 2025.

Attackers are using Telegram to sell DDoS services—this threat is already commercialized.

Learn more: https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html

🚨 Security Flaws Discovered in Voyager PHP Package.

Attackers can exploit these UNPATCHED flaws with just one click—allowing them to execute arbitrary code remotely.

Click here to learn more: https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html

🚨 AI Startup #DeepSeek Exposes Sensitive Data!

A ClickHouse database was exposed on the internet, allowing anyone to access internal secrets, chat logs, API secrets, and more—all unprotected.

Read more: https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html

⚡ SOC Analysts Are Burning Out!

Manual tasks, false positives, and tool overload—AI is the solution SOC teams need NOW.

AI enables faster research, quicker analysis, and smarter responses to emerging threats.

Learn more: https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html

⚠️ Warning: Critical Flaw Discovered in Lightning AI Studio!

The vulnerability allowed attackers to run commands with root privileges, potentially compromising entire AI projects.

Get the full analysis: https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html

🔒 International law enforcement has dismantled infamous cybercrime hubs linked to platforms like Cracked, Nulled, StarkRDP and Sellix.

These platforms sold malware, hack tools, and personal data.

🔗 Read more about the "Operation Talent" — https://thehackernews.com/2025/01/authorities-seize-domains-of-popular.html