🛑 XE Group has evolved. They’re no longer just stealing credit card data—they’re exploiting zero-day vulnerabilities (like CVE-2024-57968 in VeraCore) to target supply chains

Once in, they can drop reverse shells, exfiltrate files, and even modify data

https://thehackernews.com/2025/02/xe-hacker-group-exploits-veracore-zero.html

Zimbra's latest patch addresses three new vulnerabilities:

• SQL Injection (CVE-2025-25064) exposing email metadata to authenticated attackers.
• XSS vulnerability in the Classic Web Client, risking user security.
• SSRF flaw (CVE-2025-25065) allowing unauthorized redirection to internal systems.

Upgrade ASAP to avoid potential exploitation and secure your systems.

Read: https://thehackernews.com/2025/02/zimbra-releases-security-updates-for.html

A Chinese-speaking hacker group, DragonRank, is targeting IIS servers across Asia with BadIIS malware, redirecting users to rogue gambling sites.

Critical sectors—governments, universities, and tech firms—are at risk.

🔗 Read more: https://thehackernews.com/2025/02/dragonrank-exploits-iis-servers-with.html

🚨 This Week in Cyber: Hackers Are Getting Smarter—Are You?

🔹 AI-powered fraud is on the rise
🔹 Stolen ASP .NET keys fuel cyberattacks
🔹 Ransomware payouts drop, but attacks surge
🔹 Abandoned cloud storage = hacker goldmine

Stay ahead of the threats. Read the full recap now: https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity_10.html

⚠️ WARNING: Hackers are using Google Tag Manager (GTM) to deliver credit card skimming malware on Magento e-commerce sites.

Targeting checkout pages to capture credit card details
3 sites found infected; it could be more

Learn more about this attack: https://thehackernews.com/2025/02/hackers-exploit-google-tag-manager-to.html

🛑 Apple has released emergency security updates for iOS and iPadOS to patch a vulnerability exploited in the wild.

This flaw, identified as CVE-2025-24200, could allow attackers to disable USB Restricted Mode on locked devices.

Update your devices now: https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html

🔒 Think VPNs are enough? Think again. VPNs are a band-aid solution—they expose your network to new attack vectors. Attacks through VPNs can bypass security defenses like firewalls.

Want a better way to secure your network? Discover Zero Trust and how it reduces your risk.

Read more now: https://thehackernews.com/expert-insights/2025/02/eliminate-your-attack-surface-by.html

A global law enforcement operation has shut down the dark web data leak and negotiation sites tied to the notorious 8Base ransomware gang.

The seizure of over 40 pieces of evidence signals serious progress in the fight against cybercrime.

Find out more: https://thehackernews.com/2025/02/8base-ransomware-data-leak-sites-seized.html

🚨 Cybercriminals are using the ClickFix technique to deliver NetSupport RAT—a powerful malware that gives attackers full control over your device.

Fake CAPTCHA pages are injecting malicious PowerShell commands to deploy the malware.

Learn more: https://thehackernews.com/2025/02/threat-actors-exploit-clickfix-to.html

🚨 DDoS Attacks Skyrocket by 56%—2 Tbps Peak!

The largest DDoS attack ever recorded hit a shocking 2 Tbps in Q3–Q4 2024, marking an 18% increase from the previous record.

Learn how to protect your organization from the rising tide of DDoS threats

Read: https://thehackernews.com/2025/02/gcore-ddos-radar-reveals-56-yoy.html

🔒 Progress Software has patched high-severity vulnerabilities in its LoadMaster software. These flaws could let hackers execute commands or download sensitive files.

Act now: Update to version 7.2.61.0 or higher to fix these critical flaws.

Learn more: https://thehackernews.com/2025/02/progress-software-patches-high-severity.html

🚨 MFA is more critical than ever—but it's NOT without its challenges.

The price of implementing MFA goes beyond just subscriptions. Training, support, and help desk calls add up.

Learn how to make MFA work for your business without the sticker shock: https://thehackernews.com/2025/02/4-ways-to-keep-mfa-from-becoming-too.html

🔬 Industry-first report examines the relationship between remediation delays and incidents, based on insights from over 150 security decision makers in large U.S. enterprises.

Some key findings:
⚡ Over 62% of incidents are directly related to backlogged risks that the security team was already fully aware of.
⚡ It takes organizations 10X longer to remediate vulnerabilities than it takes for attackers to exploit them.

Get ZEST Security's full report here: https://thn.news/cloud-risk-impact-2025

⚡ Google confirms the new Android SafetyCore DOES NOT perform client-side scanning of your content

» Uses machine learning to flag scams, spam, and malware on your device—not in the cloud
» You control which apps can access the system
» No secret scanning of your private data

👉 Read more: https://thehackernews.com/2025/02/google-confirms-android-safetycore.html

🚨 Critical security flaws discovered in Ivanti products could allow attackers to execute arbitrary code remotely.

The vulnerabilities (CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908) impact Ivanti Connect Secure, Policy Secure, and Cloud Services Application.

Read the full details: https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html

🚨 Microsoft has released patches for 63 flaws, including 2 actively exploited vulnerabilities.

CVE-2025-21391 allows attackers to delete crucial files, while CVE-2025-21418 enables SYSTEM privilege escalation on Windows.

🔧 Apply the latest update now. Read more: https://thehackernews.com/2025/02/microsofts-patch-tuesday-fixes-63-flaws.html

🔒 Are your Okta passwords strong enough to stop cybercriminals? Secure Okta with robust password policies, phishing-resistant 2FA, and behavior detection rules.

⏰ Don’t wait until it’s too late—explore the essential security settings to safeguard your organization today.

🔧 Read More: https://thehackernews.com/2025/02/dont-overlook-these-6-critical-okta.html

⚠️ Kimsuky, the North Korea-linked hacker group, is adopting a new tactic: deceiving victims into running malicious PowerShell commands.

This method tricks targets into executing harmful code that allows remote access and data theft.

Learn more: https://thehackernews.com/2025/02/north-korean-hackers-exploit-powershell.html

Learn from the infosec lead at a bank who cut threat response time in half and saved millions of dollars in prevented incidents on a budget.

Must-read for all CISOs out there: https://thn.news/bank-security-sandbox-tg

CISOs are becoming AI leaders – and there’s a framework to guide them.

The CLEAR framework is your roadmap!
➤ Create AI asset inventories
➤ Learn user behaviors
➤ Enforce AI policies
➤ Apply security-focused AI use cases
➤ Reuse existing frameworks (NIST, ISO)

🔗 Read more: https://thehackernews.com/2025/02/how-to-steer-ai-adoption-ciso-guide.html