🔥 Privacy vs AI?

WhatsApp just dropped Private Processing—letting you use AI features like message summaries without Meta (or anyone) seeing your chats.

🛡️ Encrypted. Auditable. Anonymous.

— Confidential Virtual Machine
— Oblivious HTTP
— Forward Security

🔗 Learn how it works: https://thehackernews.com/2025/04/whatsapp-launches-private-processing-to.html

🚨 Proton Mail faces nationwide ban in India 🇮🇳

Karnataka High Court has ordered the gov’t to block the encrypted email provider after a legal complaint tied to AI deepfakes and obscene messages sent via the platform.

🔒 Still accessible—for now.

Read: https://thehackernews.com/2025/04/indian-court-orders-action-to-block.html

🔥 Meta just dropped a firewall for AI.

LlamaFirewall is open-source—and built to stop jailbreaks, prompt injections, and insecure code in real time.

It’s modular. It’s fast. It’s made for the LLM era.

🛡️ Also out:
🔹 CyberSecEval 4 with AutoPatchBench to test AI-powered vuln fixes
🔹 Llama for Defenders to help fight scams, fraud & phishing
🔹 Private Processing to run AI features without leaking user data

🔗 Full details here: https://thehackernews.com/2025/04/meta-launches-llamafirewall-framework.html

🚨 RansomHub's empire just vanished.

After stealing data from 200+ victims, its dark web site mysteriously went offline on April 1, 2025—triggering panic among affiliates.

Qilin's leaks doubled. DragonForce claims a takeover.

🔗 Read More: https://thehackernews.com/2025/04/ransomhub-went-dark-april-1-affiliates.html

🚨 China-linked APT “TheWizards” caught hijacking trusted Chinese apps to deploy malware updates.

Uses IPv6/DNS to turn Sogou Pinyin & Tencent QQ into WizardNet backdoor delivery for users in 🇨🇳🇭🇰🇰🇭🇵🇭🇦🇪.

👀 Their tool Spellbinder quietly captures traffic, reroutes updates to attacker servers.

🔗 Full story: https://thehackernews.com/2025/04/chinese-hackers-abuse-ipv6-slaac-for.html

👀 “All my shows were in Spanish. I didn’t change anything.”

That’s not a glitch—it’s an account takeover.

🔒 100K+ accounts/mo exposed on major platforms.
🎮 Streaming, gaming, SaaS vulnerable.
🧠 MFA fails vs. stolen session cookies.

Act now: Monitor infostealers. Reset risk. Rebuild trust.

🔗 ReadfFull story + Flare’s ATO report: https://thehackernews.com/2025/04/customer-account-takeovers-multi.html

🚨 New Espionage Alert!

A Russian-speaking APT group, Nebulous Mantis, is deploying the stealthy RomCom RAT to target NATO-linked entities, gov agencies, and critical infra — using bulletproof hosting, IPFS, and over 40 remote commands.

🔗 See how it works, who’s behind it, and why it matters now: https://thehackernews.com/2025/04/nebulous-mantis-targets-nato-linked.html

It’s back! XPOSURE 2025 returns for its fourth year, focused on what matters most: reducing cyber risk exposure.

Join Pentera and top cybersecurity leaders at the National Exposure Management vSummit to discover how leading security teams are taking a proactive approach to managing enterprise-wide exposure.

🎁 Bonus: The first 150 registrants will receive an Uber Eats voucher upon registration!

📅 June 18 | 11 AM ET | Virtual

🔗 Register now: https://thn.news/xposure2025-pentera

#XPOSURE2025 #ExposureManagement #CyberSecurityLeadership #EnterpriseSecurity

🚨 AI tools are learning too fast—and so are attackers.

New report reveals how MCP & A2A protocols can be hijacked to leak emails, spoof agents, and silently override tool logic.

🔍 Tool poisoning
🧠 Prompt injection
🕵️ Agent impersonation

Even benign tools can flip malicious—no warning, no second prompt.

👉 Learn about this new AI attack surface → https://thehackernews.com/2025/04/experts-uncover-critical-mcp-and-a2a.html

👤 Hackers aren’t cracking passwords anymore—they’re impersonating you.

From AI deepfakes to social engineering, attackers now exploit weak links before and after login—like during account recovery or onboarding.

🔐 Orgs secure login, but not full identity lifecycle. Join free webinar to learn:

✅ Enforce phishing-resistant MFA
✅ Secure device trust
✅ Protect identity from onboarding to recovery

👉 Register now — https://thehackernews.com/2025/04/free-webinar-guide-to-securing-your.html

🚨 SonicWall SMA Devices Under Attack!

2 critical flaws (CVEs 2023-44221 & 2024-38475) are being actively exploited in the wild. One allows OS command injection, the other enables session hijacking via Apache rewrite abuse.

SonicWall urges admins:
🔍 Check for unauthorized logins
🛡️ Patch immediately

👉 Details: https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html

🚨 UPDATE: Outlaw Botnet Returns After 3-Month Silence 👀

Kaspersky confirms: Outlaw, a Perl-based crypto-mining botnet, is back—targeting Linux systems in Brazil with brute-force SSH attacks.

🧪 New tactics spotted:
Deploys XMRig miner & IRC-based backdoor
Kills rival miners & high-CPU processes
Masquerades as rsync, evades termination
Allows DDoS, remote control, file exfiltration

📊 Victims detected in 🇺🇸🇧🇷🇩🇪🇮🇹🇹🇭🇸🇬🇹🇼🇨🇦

👉 Full report + latest update (May 1): https://thehackernews.com/2025/04/outlaw-group-uses-ssh-brute-force-to.html

👀 The tools are evolving. So is the intent.

A stealthy phishing wave is slamming key Russian industries with DarkWatchman malware. It evades detection and vanishes on command.

Meanwhile, a new backdoor called Sheriff breached a major Ukrainian platform to spy on defense targets—quiet, persistent, and dangerous.

🔗 Learn more: https://thehackernews.com/2025/05/darkwatchman-sheriff-malware-hit-russia.html

🚨 AI meets Influence-as-a-Service with chilling implications.

Anthropic's Claude chatbot was hijacked to run a botnet that:

• Created 100+ fake personas
• Engaged thousands of users
• Spread pro-UAE, anti-EU, and political propaganda in 🇮🇷, 🇪🇺, 🇰🇪

Worse, it aided criminals in writing malware, scraping security cam passwords, and running job scams.

🔗 Read: https://thehackernews.com/2025/05/claude-ai-exploited-to-operate-100-fake.html

🚨 569,000 alerts. Only 202 matter.

OX Security’s 2025 report reveals: 95–98% of AppSec alerts are noise—wasting time, burning budgets, and stalling innovation.

🔍 Focus on what’s real—KEVs, secrets, exploitable flaws.

Learn How: https://thehackernews.com/2025/05/new-research-reveals-95-of-appsec-fixes.html

🛑 Nation-state hackers breached Commvault’s Azure-hosted environment by exploiting a zero-day in Commvault’s own web server — CVE-2025-3928.

👀 Check sign-ins
🚫 Block malicious IPs
📑 Report activity fast

Read now → https://thehackernews.com/2025/05/commvault-confirms-hackers-exploited.html

🚨 Your tools say you're safe. Attackers know you're not.

They slip past EDR, hide in legit traffic, and lurk for weeks.

That’s why SOC teams are turning to Network Detection & Response (NDR)—the only way to see what endpoint tools miss.

The network doesn’t lie.

Learn more: https://thehackernews.com/2025/05/why-top-soc-teams-are-shifting-to.html

🛑 Hackers are disguising malware as security plugins to hijack sites, inject spammy ads, steal credit cards, & even re-install themselves if deleted.

Some victims are unknowingly losing their own AdSense earnings.

💣 Features: Remote code execution, reverse proxy skimming, JS-based backdoors.

🔗 Read: https://thehackernews.com/2025/05/fake-security-plugin-on-wordpress.html

🚨 AI isn’t just writing your code — it’s leaking your secrets.

New GitGuardian data shows AI-assisted repos leak secrets 40% more often than average.

📊 1,200+ repos leaked secrets in 2025 alone.

👉 Don’t trust. Verify. Full report: https://thehackernews.com/expert-insights/2025/04/the-new-frontier-of-security-risk-ai.html

🔥 UPDATE - A public PoC exploit is now available for a serious SonicWall SMA exploit chain.

➡️ CVE-2024-38475: Apache HTTP Server flaw used to bypass auth
➡️ CVE-2023-44221: Post-auth command injection via Diagnostics menu

CISA has added both to the KEV catalog — federal patch deadline: May 22, 2025.
Exploitation is already active in the wild.

📎 Details + PoC: https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html