🔥 New Cyber Attack Alert!

Senior members of the World Uyghur Congress were targeted by malware hidden in a fake UyghurEdit++ app, Citizen Lab reports (Mar 2025).

— Custom-made spyware
— Links to China
— Started as early as May 2024

Learn more: https://thehackernews.com/2025/04/malware-attack-targets-world-uyghur.html

🔒 Still trusting VPNs to secure remote access?

Recent critical flaws exposed thousands. Every open port and IP address is now a target, not a tool.

Legacy network security can't keep up with AI-driven attacks.

Zero Trust isn’t optional anymore — it’s survival.

Learn why it matters → https://thehackernews.com/expert-insights/2025/04/its-time-to-rethink-your-security-for.html

🔥 75 zero-day exploits hit in 2024 | 44% aimed at enterprise tools.

While browser & mobile attacks fell sharply, threat actors shifted focus — hitting Ivanti, Palo Alto, Cisco & others.

📊 Top targets: Microsoft (26), Google (11), Ivanti (7), Apple (5)
🎯 20 zero-days hit security appliances
🕵️‍♂️ State hackers, spyware firms & cybercrime crews all involved

Read the full story → https://thehackernews.com/2025/04/google-reports-75-zero-days-exploited.html

⚡ Your AI Copilot could leak your secrets — without you even knowing.

Microsoft 365 Copilot boosts productivity, but opens the door to massive data risks. Reco spots risky prompts, flags hidden attacks, and locks down your SaaS ecosystem.

Learn how: https://thehackernews.com/2025/04/product-walkthrough-securing-microsoft.html

🚨 Cybersecurity firms are under attack!

🇨🇳 China’s PurpleHaze hackers targeted SentinelOne’s systems and high-value customers.

🎭 360+ fake North Korean IT workers tried to infiltrate the company.

🇷🇺 Russian ransomware gangs are buying real security products to beat defenses.

Read 👉https://thehackernews.com/2025/04/sentinelone-uncovers-chinese-espionage.html

🚨 New jailbreaks ("Inception", "Do-Not-Reply"), memory hacks, tool poisoning, unsafe model upgrades — CERT, METR, and others warn:

⚡ ChatGPT, Claude, Copilot, Gemini, Grok, Meta AI can leak code, malware, data.
⚡ GPT-4.1 is 3X riskier than before.
⚡ MCP protocols, Chrome extensions now exploited.

The AI arms race is outpacing safety.

Read: https://thehackernews.com/2025/04/new-reports-uncover-jailbreaks-unsafe.html

🔥 Privacy vs AI?

WhatsApp just dropped Private Processing—letting you use AI features like message summaries without Meta (or anyone) seeing your chats.

🛡️ Encrypted. Auditable. Anonymous.

— Confidential Virtual Machine
— Oblivious HTTP
— Forward Security

🔗 Learn how it works: https://thehackernews.com/2025/04/whatsapp-launches-private-processing-to.html

🚨 Proton Mail faces nationwide ban in India 🇮🇳

Karnataka High Court has ordered the gov’t to block the encrypted email provider after a legal complaint tied to AI deepfakes and obscene messages sent via the platform.

🔒 Still accessible—for now.

Read: https://thehackernews.com/2025/04/indian-court-orders-action-to-block.html

🔥 Meta just dropped a firewall for AI.

LlamaFirewall is open-source—and built to stop jailbreaks, prompt injections, and insecure code in real time.

It’s modular. It’s fast. It’s made for the LLM era.

🛡️ Also out:
🔹 CyberSecEval 4 with AutoPatchBench to test AI-powered vuln fixes
🔹 Llama for Defenders to help fight scams, fraud & phishing
🔹 Private Processing to run AI features without leaking user data

🔗 Full details here: https://thehackernews.com/2025/04/meta-launches-llamafirewall-framework.html

🚨 RansomHub's empire just vanished.

After stealing data from 200+ victims, its dark web site mysteriously went offline on April 1, 2025—triggering panic among affiliates.

Qilin's leaks doubled. DragonForce claims a takeover.

🔗 Read More: https://thehackernews.com/2025/04/ransomhub-went-dark-april-1-affiliates.html

🚨 China-linked APT “TheWizards” caught hijacking trusted Chinese apps to deploy malware updates.

Uses IPv6/DNS to turn Sogou Pinyin & Tencent QQ into WizardNet backdoor delivery for users in 🇨🇳🇭🇰🇰🇭🇵🇭🇦🇪.

👀 Their tool Spellbinder quietly captures traffic, reroutes updates to attacker servers.

🔗 Full story: https://thehackernews.com/2025/04/chinese-hackers-abuse-ipv6-slaac-for.html

👀 “All my shows were in Spanish. I didn’t change anything.”

That’s not a glitch—it’s an account takeover.

🔒 100K+ accounts/mo exposed on major platforms.
🎮 Streaming, gaming, SaaS vulnerable.
🧠 MFA fails vs. stolen session cookies.

Act now: Monitor infostealers. Reset risk. Rebuild trust.

🔗 ReadfFull story + Flare’s ATO report: https://thehackernews.com/2025/04/customer-account-takeovers-multi.html

🚨 New Espionage Alert!

A Russian-speaking APT group, Nebulous Mantis, is deploying the stealthy RomCom RAT to target NATO-linked entities, gov agencies, and critical infra — using bulletproof hosting, IPFS, and over 40 remote commands.

🔗 See how it works, who’s behind it, and why it matters now: https://thehackernews.com/2025/04/nebulous-mantis-targets-nato-linked.html

It’s back! XPOSURE 2025 returns for its fourth year, focused on what matters most: reducing cyber risk exposure.

Join Pentera and top cybersecurity leaders at the National Exposure Management vSummit to discover how leading security teams are taking a proactive approach to managing enterprise-wide exposure.

🎁 Bonus: The first 150 registrants will receive an Uber Eats voucher upon registration!

📅 June 18 | 11 AM ET | Virtual

🔗 Register now: https://thn.news/xposure2025-pentera

#XPOSURE2025 #ExposureManagement #CyberSecurityLeadership #EnterpriseSecurity

🚨 AI tools are learning too fast—and so are attackers.

New report reveals how MCP & A2A protocols can be hijacked to leak emails, spoof agents, and silently override tool logic.

🔍 Tool poisoning
🧠 Prompt injection
🕵️ Agent impersonation

Even benign tools can flip malicious—no warning, no second prompt.

👉 Learn about this new AI attack surface → https://thehackernews.com/2025/04/experts-uncover-critical-mcp-and-a2a.html

👤 Hackers aren’t cracking passwords anymore—they’re impersonating you.

From AI deepfakes to social engineering, attackers now exploit weak links before and after login—like during account recovery or onboarding.

🔐 Orgs secure login, but not full identity lifecycle. Join free webinar to learn:

✅ Enforce phishing-resistant MFA
✅ Secure device trust
✅ Protect identity from onboarding to recovery

👉 Register now — https://thehackernews.com/2025/04/free-webinar-guide-to-securing-your.html

🚨 SonicWall SMA Devices Under Attack!

2 critical flaws (CVEs 2023-44221 & 2024-38475) are being actively exploited in the wild. One allows OS command injection, the other enables session hijacking via Apache rewrite abuse.

SonicWall urges admins:
🔍 Check for unauthorized logins
🛡️ Patch immediately

👉 Details: https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html

🚨 UPDATE: Outlaw Botnet Returns After 3-Month Silence 👀

Kaspersky confirms: Outlaw, a Perl-based crypto-mining botnet, is back—targeting Linux systems in Brazil with brute-force SSH attacks.

🧪 New tactics spotted:
Deploys XMRig miner & IRC-based backdoor
Kills rival miners & high-CPU processes
Masquerades as rsync, evades termination
Allows DDoS, remote control, file exfiltration

📊 Victims detected in 🇺🇸🇧🇷🇩🇪🇮🇹🇹🇭🇸🇬🇹🇼🇨🇦

👉 Full report + latest update (May 1): https://thehackernews.com/2025/04/outlaw-group-uses-ssh-brute-force-to.html

👀 The tools are evolving. So is the intent.

A stealthy phishing wave is slamming key Russian industries with DarkWatchman malware. It evades detection and vanishes on command.

Meanwhile, a new backdoor called Sheriff breached a major Ukrainian platform to spy on defense targets—quiet, persistent, and dangerous.

🔗 Learn more: https://thehackernews.com/2025/05/darkwatchman-sheriff-malware-hit-russia.html

🚨 AI meets Influence-as-a-Service with chilling implications.

Anthropic's Claude chatbot was hijacked to run a botnet that:

• Created 100+ fake personas
• Engaged thousands of users
• Spread pro-UAE, anti-EU, and political propaganda in 🇮🇷, 🇪🇺, 🇰🇪

Worse, it aided criminals in writing malware, scraping security cam passwords, and running job scams.

🔗 Read: https://thehackernews.com/2025/05/claude-ai-exploited-to-operate-100-fake.html