π¨ 70% of data leaks now happen in-browser.
Legacy DLP tools canβt see what your employees are copy-pasting into AI tools, Slack, or Gmail.
The browser is the new security perimeter.
Read why browser-centric DLP is now a must β https://thehackernews.com/2025/06/your-saas-data-isnt-safe-why.html
Legacy DLP tools canβt see what your employees are copy-pasting into AI tools, Slack, or Gmail.
The browser is the new security perimeter.
Read why browser-centric DLP is now a must β https://thehackernews.com/2025/06/your-saas-data-isnt-safe-why.html
π14π€7
π¨ New Chaos RAT variant targets Linux & Windows users
Masquerading as a Linux network tool, the malware spreads via phishing to deploy crypto miners, steal data, and gain full device control.
π Full report: https://thehackernews.com/2025/06/chaos-rat-malware-targets-windows-and.html
Masquerading as a Linux network tool, the malware spreads via phishing to deploy crypto miners, steal data, and gain full device control.
π Full report: https://thehackernews.com/2025/06/chaos-rat-malware-targets-windows-and.html
π9π₯3β‘2π1
Do you know how and where AI is running in your org? That customer service agent isn't just an LLMβit's system prompts, tool calls, RAG data, user logs, and MCP servers.
Every untracked component = a breach waiting to happen.
Why AI asset sprawl goes way beyond model discovery β https://thn.news/ai-assets-sprawl
Every untracked component = a breach waiting to happen.
Why AI asset sprawl goes way beyond model discovery β https://thn.news/ai-assets-sprawl
π7π4
π¨ Google warns: Fake IT calls breaching Salesforce accounts.
Hackers from UNC6040 trick staff into approving a malicious βData Loaderβ app to steal data.
π Learn how the scam works: https://thehackernews.com/2025/06/google-exposes-vishing-group-unc6040.html
Hackers from UNC6040 trick staff into approving a malicious βData Loaderβ app to steal data.
π Learn how the scam works: https://thehackernews.com/2025/06/google-exposes-vishing-group-unc6040.html
π7π5π3π₯2
π¨ One PASSWORD to rule them all?
A critical flaw (CVSS 9.9) in Cisco ISE cloud deployments (AWS, Azure, OCI) means static credentials are reused across systemsβallowing unauthenticated attackers to access configs, data, and more.
Details β https://thehackernews.com/2025/06/critical-cisco-ise-auth-bypass-flaw.html
π No fixβonly factory reset.
A critical flaw (CVSS 9.9) in Cisco ISE cloud deployments (AWS, Azure, OCI) means static credentials are reused across systemsβallowing unauthenticated attackers to access configs, data, and more.
Details β https://thehackernews.com/2025/06/critical-cisco-ise-auth-bypass-flaw.html
π No fixβonly factory reset.
π11π₯9π4β‘1π€―1
π¨ Dark web carding site BidenCash taken down by U.S. DoJ
πΉ 15M+ stolen credit cards sold
πΉ $17M in criminal profits
πΉ 3.3M cards leaked for free to attract buyers
πΉ 117K+ users served since 2022
Seized in global sting with FBI & Europol.
Read: https://thehackernews.com/2025/06/doj-seizes-145-domains-tied-to.html
πΉ 15M+ stolen credit cards sold
πΉ $17M in criminal profits
πΉ 3.3M cards leaked for free to attract buyers
πΉ 117K+ users served since 2022
Seized in global sting with FBI & Europol.
Read: https://thehackernews.com/2025/06/doj-seizes-145-domains-tied-to.html
π19π9
π₯ 2025βs biggest cyber threat? The accounts you forgot existed.
Machine IDs now outnumber humans 45:1 β and theyβre 7.5x more dangerous.
Leaked secrets, orphaned privileges, siloed teams.
Attackers see the full map. Do you?
π How to close identity gaps before itβs too late: https://thehackernews.com/expert-insights/2025/06/identity-first-security-multilayered.html
Machine IDs now outnumber humans 45:1 β and theyβre 7.5x more dangerous.
Leaked secrets, orphaned privileges, siloed teams.
Attackers see the full map. Do you?
π How to close identity gaps before itβs too late: https://thehackernews.com/expert-insights/2025/06/identity-first-security-multilayered.html
π₯8
Iran-linked hackers are spying on Kurdish & Iraqi officials using custom malware.
The group BladedFeline breached:
β’ KRG diplomats
β’ Iraq gov networks
β’ Uzbekistan telecom
Backdoors used: Whisper, Spearal, Shahmaran, Slippery Snakelet.
π΅οΈββοΈ Full story β https://thehackernews.com/2025/06/iran-linked-bladedfeline-hits-iraqi-and.html
The group BladedFeline breached:
β’ KRG diplomats
β’ Iraq gov networks
β’ Uzbekistan telecom
Backdoors used: Whisper, Spearal, Shahmaran, Slippery Snakelet.
π΅οΈββοΈ Full story β https://thehackernews.com/2025/06/iran-linked-bladedfeline-hits-iraqi-and.html
β‘7π3π₯3π±3
π₯ $4.88M average breach cost β boards want real ROI, not just patch counts.
Business Value Assessment (BVA) links risk to $$ and shows cost of inaction β often $500K+ monthly.
Stop guessing. Measure impact. Turn security into business value.
Try this new ROI Calculator β¬οΈ https://thehackernews.com/2025/06/redefining-cyber-value-why-business.html
Business Value Assessment (BVA) links risk to $$ and shows cost of inaction β often $500K+ monthly.
Stop guessing. Measure impact. Turn security into business value.
Try this new ROI Calculator β¬οΈ https://thehackernews.com/2025/06/redefining-cyber-value-why-business.html
π₯7π4π€2
π¨βBitterβ hacking group targets governments and diplomats worldwide using advanced malware and spear-phishing.
Recent attacks spread from South Asia to Turkey. Active during business hours.
Learn more β https://thehackernews.com/2025/06/bitter-hacker-group-expands-cyber.html
Recent attacks spread from South Asia to Turkey. Active during business hours.
Learn more β https://thehackernews.com/2025/06/bitter-hacker-group-expands-cyber.html
π12
β οΈ Ukraine hit by PathWiper malware wiping critical data via hacked admin tools. Linked to Russia-based APT groups.
π¨ Meanwhile, Silent Werewolf launches stealth attacks on Russian & Moldovan sectors using advanced loaders.
Stay informedβlearn here: https://thehackernews.com/2025/06/new-pathwiper-data-wiper-malware.html
π¨ Meanwhile, Silent Werewolf launches stealth attacks on Russian & Moldovan sectors using advanced loaders.
Stay informedβlearn here: https://thehackernews.com/2025/06/new-pathwiper-data-wiper-malware.html
π₯23π±5π2π€―1
π¨ Enterprise security is under siege!
30% of attacks target web assets, 21% hit APIs & IoT devices.
β οΈ Too many alerts
β οΈ Scattered tests
β οΈ Limited visibility = High risk
π AI-powered full-path attack simulation + centralized control = real defense.
Learn what it means β https://thehackernews.com/expert-insights/2025/06/solving-enterprise-security-challenge.html
30% of attacks target web assets, 21% hit APIs & IoT devices.
β οΈ Too many alerts
β οΈ Scattered tests
β οΈ Limited visibility = High risk
π AI-powered full-path attack simulation + centralized control = real defense.
Learn what it means β https://thehackernews.com/expert-insights/2025/06/solving-enterprise-security-challenge.html
π8π5π₯2
π¨Alert: Positive Technologies has confirmed the deadly CVE-2025-49113 exploitβauthenticated users can run arbitrary commands through PHP object deserialization.
Read: https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html
Action: Update Roundcube immediately to the latest version.
Read: https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html
Action: Update Roundcube immediately to the latest version.
π8π₯5π€―1
Think like an attacker to defend better.
AEV continuously simulates cyber-attacks to show how hackers exploit your system.
It helps teams prioritize fixesβcredentials, misconfigs, etc.βbeyond patching.
Stay ahead by understanding attackers, not just checking boxes: https://thehackernews.com/2025/06/inside-mind-of-adversary-why-more.html
AEV continuously simulates cyber-attacks to show how hackers exploit your system.
It helps teams prioritize fixesβcredentials, misconfigs, etc.βbeyond patching.
Stay ahead by understanding attackers, not just checking boxes: https://thehackernews.com/2025/06/inside-mind-of-adversary-why-more.html
π9π₯5π2
π¨ Tech support scam busted: 4 arrested in India, 2 fake call centers taken down targeting Japanese victims via AI-powered tricks.
66,000+ malicious domains removed since 2024 through global CBI-Microsoft-Japan effort.
Cybercrime is evolvingβglobal teamwork is the key.
Learn more: https://thehackernews.com/2025/06/microsoft-helps-cbi-dismantle-indian.html
66,000+ malicious domains removed since 2024 through global CBI-Microsoft-Japan effort.
Cybercrime is evolvingβglobal teamwork is the key.
Learn more: https://thehackernews.com/2025/06/microsoft-helps-cbi-dismantle-indian.html
π₯11π€―7π4π2β‘1
β οΈ macOS Alert β Fake Spectrum CAPTCHA is a trap!
Russian hackers use clipboard hacks + terminal scripts to steal passwords & install Atomic Stealer.
Victims unknowingly run commands β handing over control.
This sneaky ClickFix tactic preys on your βsecurity checkβ fatigue.
Read: https://thehackernews.com/2025/06/new-atomic-macos-stealer-campaign.html
Russian hackers use clipboard hacks + terminal scripts to steal passwords & install Atomic Stealer.
Victims unknowingly run commands β handing over control.
This sneaky ClickFix tactic preys on your βsecurity checkβ fatigue.
Read: https://thehackernews.com/2025/06/new-atomic-macos-stealer-campaign.html
π₯13π6π€―3π2β‘1
β οΈ Generative AI is leaking your sensitive dataβ4 million+ blocked attempts just in Zscalerβs cloud alone.
Blocking AI apps wonβt stop employees; it just pushes data risks into the shadows.
The real fix? Visibility, context-aware policies, and secure AI alternatives that keep productivity high and data safe.
Hereβs what smart AI security looks like β
Details here β https://thehackernews.com/2025/06/empower-users-and-protect-against-genai.html
Blocking AI apps wonβt stop employees; it just pushes data risks into the shadows.
The real fix? Visibility, context-aware policies, and secure AI alternatives that keep productivity high and data safe.
Hereβs what smart AI security looks like β
Details here β https://thehackernews.com/2025/06/empower-users-and-protect-against-genai.html
π16π€7π3
π¨ Over 700 downloads of multiple malicious Chrome extensions are stealing banking data from Brazilians and 70+ companies.
Phishing emails disguised as invoices install spyware targeting Banco do Brasil.
Details here β https://thehackernews.com/2025/06/malicious-browser-extensions-infect-722.html
Phishing emails disguised as invoices install spyware targeting Banco do Brasil.
Details here β https://thehackernews.com/2025/06/malicious-browser-extensions-infect-722.html
π13π±5β‘4π₯1
π¨ Supply chain attacks hit npm & PyPI: malware in 1M+ downloads steals data, runs commands, and wipes files.
A PyPI package steals Instagram creds, spreading them to botnets.
Check your dependencies NOW.
Full details β https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html
A PyPI package steals Instagram creds, spreading them to botnets.
Check your dependencies NOW.
Full details β https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html
π10π₯4π2π1π€―1
This media is not supported in your browser
VIEW IN TELEGRAM
π¨ OpenAI banned ChatGPT accounts linked to Russian and Chinese hackers using AI to build stealthy malware and automate attacks.
They refined malware code, hid it in fake gaming tools, stole browser data, evading detection.
Read details here β https://thehackernews.com/2025/06/openai-bans-chatgpt-accounts-used-by.html
They refined malware code, hid it in fake gaming tools, stole browser data, evading detection.
Read details here β https://thehackernews.com/2025/06/openai-bans-chatgpt-accounts-used-by.html
π34π€11π5π€―5π₯2π1