🚨 Enterprise security is under siege!
30% of attacks target web assets, 21% hit APIs & IoT devices.
⚠️ Too many alerts
⚠️ Scattered tests
⚠️ Limited visibility = High risk
🔍 AI-powered full-path attack simulation + centralized control = real defense.
Learn what it means → https://thehackernews.com/expert-insights/2025/06/solving-enterprise-security-challenge.html
30% of attacks target web assets, 21% hit APIs & IoT devices.
⚠️ Too many alerts
⚠️ Scattered tests
⚠️ Limited visibility = High risk
🔍 AI-powered full-path attack simulation + centralized control = real defense.
Learn what it means → https://thehackernews.com/expert-insights/2025/06/solving-enterprise-security-challenge.html
👍8😁5🔥2
🚨Alert: Positive Technologies has confirmed the deadly CVE-2025-49113 exploit—authenticated users can run arbitrary commands through PHP object deserialization.
Read: https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html
Action: Update Roundcube immediately to the latest version.
Read: https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html
Action: Update Roundcube immediately to the latest version.
👍8🔥5🤯1
Think like an attacker to defend better.
AEV continuously simulates cyber-attacks to show how hackers exploit your system.
It helps teams prioritize fixes—credentials, misconfigs, etc.—beyond patching.
Stay ahead by understanding attackers, not just checking boxes: https://thehackernews.com/2025/06/inside-mind-of-adversary-why-more.html
AEV continuously simulates cyber-attacks to show how hackers exploit your system.
It helps teams prioritize fixes—credentials, misconfigs, etc.—beyond patching.
Stay ahead by understanding attackers, not just checking boxes: https://thehackernews.com/2025/06/inside-mind-of-adversary-why-more.html
👍9🔥5👏2
🚨 Tech support scam busted: 4 arrested in India, 2 fake call centers taken down targeting Japanese victims via AI-powered tricks.
66,000+ malicious domains removed since 2024 through global CBI-Microsoft-Japan effort.
Cybercrime is evolving—global teamwork is the key.
Learn more: https://thehackernews.com/2025/06/microsoft-helps-cbi-dismantle-indian.html
66,000+ malicious domains removed since 2024 through global CBI-Microsoft-Japan effort.
Cybercrime is evolving—global teamwork is the key.
Learn more: https://thehackernews.com/2025/06/microsoft-helps-cbi-dismantle-indian.html
🔥11🤯7👍4😁2⚡1
⚠️ macOS Alert — Fake Spectrum CAPTCHA is a trap!
Russian hackers use clipboard hacks + terminal scripts to steal passwords & install Atomic Stealer.
Victims unknowingly run commands — handing over control.
This sneaky ClickFix tactic preys on your “security check” fatigue.
Read: https://thehackernews.com/2025/06/new-atomic-macos-stealer-campaign.html
Russian hackers use clipboard hacks + terminal scripts to steal passwords & install Atomic Stealer.
Victims unknowingly run commands — handing over control.
This sneaky ClickFix tactic preys on your “security check” fatigue.
Read: https://thehackernews.com/2025/06/new-atomic-macos-stealer-campaign.html
🔥13😁6🤯3👍2⚡1
⚠️ Generative AI is leaking your sensitive data—4 million+ blocked attempts just in Zscaler’s cloud alone.
Blocking AI apps won’t stop employees; it just pushes data risks into the shadows.
The real fix? Visibility, context-aware policies, and secure AI alternatives that keep productivity high and data safe.
Here’s what smart AI security looks like ↓
Details here → https://thehackernews.com/2025/06/empower-users-and-protect-against-genai.html
Blocking AI apps won’t stop employees; it just pushes data risks into the shadows.
The real fix? Visibility, context-aware policies, and secure AI alternatives that keep productivity high and data safe.
Here’s what smart AI security looks like ↓
Details here → https://thehackernews.com/2025/06/empower-users-and-protect-against-genai.html
👍16🤔7👏3
🚨 Over 700 downloads of multiple malicious Chrome extensions are stealing banking data from Brazilians and 70+ companies.
Phishing emails disguised as invoices install spyware targeting Banco do Brasil.
Details here ↓ https://thehackernews.com/2025/06/malicious-browser-extensions-infect-722.html
Phishing emails disguised as invoices install spyware targeting Banco do Brasil.
Details here ↓ https://thehackernews.com/2025/06/malicious-browser-extensions-infect-722.html
👍13😱5⚡4🔥1
🚨 Supply chain attacks hit npm & PyPI: malware in 1M+ downloads steals data, runs commands, and wipes files.
A PyPI package steals Instagram creds, spreading them to botnets.
Check your dependencies NOW.
Full details ↓ https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html
A PyPI package steals Instagram creds, spreading them to botnets.
Check your dependencies NOW.
Full details ↓ https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html
👍10🔥4😁2👏1🤯1
This media is not supported in your browser
VIEW IN TELEGRAM
🚨 OpenAI banned ChatGPT accounts linked to Russian and Chinese hackers using AI to build stealthy malware and automate attacks.
They refined malware code, hid it in fake gaming tools, stole browser data, evading detection.
Read details here ↓ https://thehackernews.com/2025/06/openai-bans-chatgpt-accounts-used-by.html
They refined malware code, hid it in fake gaming tools, stole browser data, evading detection.
Read details here ↓ https://thehackernews.com/2025/06/openai-bans-chatgpt-accounts-used-by.html
😁34🤔11👍5🤯5🔥2👏1
🚨 Cybersecurity Weekly Recap is here!
Chrome zero-day actively exploited, destructive malware hits Ukraine, iPhone zero-click hacks uncovered. Plus, global crypto scams and state-backed cyber espionage rising.
Full threat roundup ↓ https://thehackernews.com/2025/06/weekly-recap-chrome-0-day-data-wipers.html
Chrome zero-day actively exploited, destructive malware hits Ukraine, iPhone zero-click hacks uncovered. Plus, global crypto scams and state-backed cyber espionage rising.
Full threat roundup ↓ https://thehackernews.com/2025/06/weekly-recap-chrome-0-day-data-wipers.html
🔥7👍3
Take the pain out of patch management and unlock IT agility
Streamline your strategy with AI, automation & orchestration—read the new guide from Tines.
https://thn.news/it-agility-automation-patch
Streamline your strategy with AI, automation & orchestration—read the new guide from Tines.
https://thn.news/it-agility-automation-patch
🔥5
This media is not supported in your browser
VIEW IN TELEGRAM
A critical flaw in Wazuh Server (CVE-2025-24016) is being actively exploited to drop multiple Mirai botnet variants—sparking massive DDoS attacks worldwide.
Millions of IoT devices remain vulnerable, fueling relentless botnet growth and escalating global cyber threats.
Details here ↓ https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html
Millions of IoT devices remain vulnerable, fueling relentless botnet growth and escalating global cyber threats.
Details here ↓ https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html
👍16🤯7😁1
SentinelOne and 70+ global targets hit by a China-linked espionage campaign from mid-2024 to early 2025.
The attackers exploited zero-day SAP and network flaws—using advanced tools previously unseen in state attacks.
Details here → https://thehackernews.com/2025/06/over-70-organizations-across-multiple.html
The attackers exploited zero-day SAP and network flaws—using advanced tools previously unseen in state attacks.
Details here → https://thehackernews.com/2025/06/over-70-organizations-across-multiple.html
🤔11🔥6👍1😁1
🚨 Two critical vulnerabilities in Erlang/OTP SSH and Roundcube Webmail are actively exploited—one allows remote code execution without credentials, the other email theft via XSS.
Plus, a major WordPress plugin flaw lets attackers hijack any account without logging in.
Details here ↓ https://thehackernews.com/2025/06/cisa-adds-erlang-ssh-and-roundcube.html
Plus, a major WordPress plugin flaw lets attackers hijack any account without logging in.
Details here ↓ https://thehackernews.com/2025/06/cisa-adds-erlang-ssh-and-roundcube.html
🤯13🔥5👏2
Rare Werewolf, an APT group, hijacks legitimate software to mine crypto & steal data from hundreds of Russian firms—using stealthy scripts and remote access.
👀 They wake infected PCs at 1 a.m. for covert control, then shut them down by 5 a.m.
Read ↓ https://thehackernews.com/2025/06/rare-werewolf-apt-uses-legitimate.html
👀 They wake infected PCs at 1 a.m. for covert control, then shut them down by 5 a.m.
Read ↓ https://thehackernews.com/2025/06/rare-werewolf-apt-uses-legitimate.html
🤔14🔥10⚡2
This media is not supported in your browser
VIEW IN TELEGRAM
Google just fixed a flaw that let attackers brute-force recovery phone numbers in seconds—putting millions at risk of SIM swaps and account takeovers.
The catch? It abused an old, disabled-JS recovery form and cleverly leaked user names via Looker Studio.
Details here → https://thehackernews.com/2025/06/researcher-found-flaw-to-discover-phone.html
The catch? It abused an old, disabled-JS recovery form and cleverly leaked user names via Looker Studio.
Details here → https://thehackernews.com/2025/06/researcher-found-flaw-to-discover-phone.html
🔥16👏6
AI agents use hidden Non-Human Identities that attackers are targeting. Most orgs don’t even know they exist.
Join our webinar with Astrix Security to learn how to secure these invisible risks before they become your biggest threat.
Save your spot ↓ https://thehacker.news/ai-agents-identities
Join our webinar with Astrix Security to learn how to secure these invisible risks before they become your biggest threat.
Save your spot ↓ https://thehacker.news/ai-agents-identities
👏6👍5
🔐 Webinar: The 2025 Identity Governance Playbook
Incomplete app coverage. Compliance gaps. Manual workarounds. It’s no wonder so many IGA programs stall out.
On June 26 at 10 AM PT / 1 PM ET, join industry analyst Francis Odum and Cerby CEO Belsasar Lepe for a conversation on how leading teams are rethinking identity governance—without ripping out their stack.
You’ll learn:
🔹 Why most IGA programs stall
🔹 Where automation and AI are closing critical gaps
🔹 How to get full app coverage—without a rip-and-replace of your existing tools
If IGA is on your roadmap, this is one you don’t want to miss!
Grab your spot today 👉 https://thn.news/2025-iga-playbook
Incomplete app coverage. Compliance gaps. Manual workarounds. It’s no wonder so many IGA programs stall out.
On June 26 at 10 AM PT / 1 PM ET, join industry analyst Francis Odum and Cerby CEO Belsasar Lepe for a conversation on how leading teams are rethinking identity governance—without ripping out their stack.
You’ll learn:
🔹 Why most IGA programs stall
🔹 Where automation and AI are closing critical gaps
🔹 How to get full app coverage—without a rip-and-replace of your existing tools
If IGA is on your roadmap, this is one you don’t want to miss!
Grab your spot today 👉 https://thn.news/2025-iga-playbook
👍5
🚨 Myth Stealer, a new Rust-based info stealer, is hitting gamers via fake sites and cracked cheats—stealing passwords from all major browsers while fooling users with fake windows.
Here’s what you need to know ↓ https://thehackernews.com/2025/06/rust-based-myth-stealer-malware-spread.html
Here’s what you need to know ↓ https://thehackernews.com/2025/06/rust-based-myth-stealer-malware-spread.html
👍6😁3
This media is not supported in your browser
VIEW IN TELEGRAM
Non-human identities now outnumber human ones by up to 50-to-1—and 46% of orgs faced breaches from them last year.
These overlooked credentials are prime targets with weak security and broad access.
Securing NHIs isn’t optional—it’s urgent.
Learn how CISOs are tackling this rising risk ↓ https://thehackernews.com/2025/06/the-hidden-threat-in-your-stack-why-non.html
These overlooked credentials are prime targets with weak security and broad access.
Securing NHIs isn’t optional—it’s urgent.
Learn how CISOs are tackling this rising risk ↓ https://thehackernews.com/2025/06/the-hidden-threat-in-your-stack-why-non.html
🤯12