🚨 Ransomware gangs are exploiting unpatched SimpleHelp flaws to hit utility billing customers with double extortion attacks — since Jan 2025.

CISA warns: patch now or risk serious breaches.

Read → https://thehackernews.com/2025/06/ransomware-gangs-exploit-unpatched.html

Meanwhile, new Fog ransomware uses legit employee monitoring software to stay hidden and persistent for weeks.

Security teams drown in alerts—but real risks slip through unnoticed.

Continuous Threat Exposure Management (CTEM) shifts focus from alerts to actual attack paths, prioritizing prevention over reaction.

Stop chasing every alert. Start managing risk with purpose.

Read more ↓ https://thehackernews.com/2025/06/ctem-is-new-soc-shifting-from.html

🚨 Over 269,000 legit websites hijacked with hidden JavaScript redirecting search engine visitors to malware and scams.

Using a stealthy JSFireTruck obfuscation, attackers fingerprint devices to serve fake CAPTCHAs, tech support scams, and malware—evading detection at scale.

Learn how this massive campaign works ↓ https://thehackernews.com/2025/06/over-269000-websites-infected-with.html

Discord invite links are being hijacked to deliver malware that steals crypto wallets and personal data.

Attackers reuse expired/deleted invites, redirecting to fake servers, tricking users into running malicious PowerShell scripts disguised as verification.

Full details here ↓ https://thehackernews.com/2025/06/discord-invite-link-hijacking-delivers.html

This Multi-stage attack uses Pastebin & GitHub to evade security tools.

⚠️ A fake Python package just stole AWS tokens, Jamf data & CI/CD secrets — from devs at Grab.

The malware posed as a legit helper for ML workflows, hid a multi-stage info-stealer, and targeted macOS too.

Details here → https://thehackernews.com/2025/06/malicious-pypi-package-masquerades-as.html

🚨 Most cybersecurity providers are leaving money on the table.

Still selling one-off audits or patch jobs? You're missing the shift.

Strategic services like vCISO programs aren’t just higher value—they’re recurring revenue machines.

How to evolve your offering ↓ https://thehackernews.com/2025/06/playbook-transforming-your.html

🚨 New ransomware “Anubis” can encrypt your files—and then erase them forever.

Even if you pay, recovery is impossible. Victims span healthcare, hospitality & more.

This rare dual-threat ups the pressure to pay.

Details here → https://thehackernews.com/2025/06/anubis-ransomware-encrypts-and-wipes.html

🚨 U.S. seizes $7.7M linked to North Korean IT worker scam targeting crypto firms.

Fake identities, AI tools, and Zoom hacks helped funnel millions to fund Pyongyang’s weapons program.

Here’s how deep the deception goes ↓ https://thehackernews.com/2025/06/us-seizes-774m-in-crypto-tied-to-north.html

🚨 WhatsApp ads are finally here—inside your Status updates.

Meta says it’s privacy-friendly, but it’s tapping your location, device data, and even Facebook activity to target you.

Here’s what’s changing ↓ https://thehackernews.com/2025/06/meta-starts-showing-ads-on-whatsapp.html

🚨 VPNs are now a business risk — not just a security hole.

Hackers are using AI to scan for flaws 24/7. One bug in your VPN, and it’s open season.

The fix? Stop trusting the network. Start securing access.

Details here → https://thehackernews.com/expert-insights/2025/04/its-time-to-rethink-your-security-for.html

🚨 CISA just flagged a live exploit in TP-Link routers (CVE-2023-33538, CVSS 8.8) — attackers can run system commands remotely.

Worse? Many affected models may be end-of-life, with no fix coming.

Here’s what you need to know ↓ https://thehackernews.com/2025/06/tp-link-router-flaw-cve-2023-33538.html

🚨 Langflow flaw (CVSS 9.8) now exploited in the wild — installs new Flodrix botnet

No login needed. One HTTP request = full remote control.

Targets AI servers for encrypted DDoS via TOR.

Details here → https://thehackernews.com/2025/06/new-flodrix-botnet-variant-exploits.html

🚨 Sitecore flaw gives hackers full access — with a single-character password.

A default login of “b” can be chained to remote code execution. It works pre-auth.

Used by banks, airlines, global firms. The blast radius is huge.

Here’s what you need to know ↓ https://thehackernews.com/2025/06/hard-coded-b-password-in-sitecore-xp.html

🚨 Ransomware is now destroying your backups first.

Hackers are targeting snapshots, wiping cloud copies, and deleting recovery paths — before locking your systems.

The worst part? Many orgs don’t realize it until it’s too late.

Here’s how to bulletproof your backups ↓ https://thehackernews.com/2025/06/how-to-protect-your-backups-from-ransomware-attacks.html

🚨 24 million secrets exposed on GitHub—and AI is making it worse.

Repos using Copilot are 40% more likely to leak credentials.

Think API keys, SSH tokens… the stuff attackers love.
The worst part? Most devs don’t even know they’re leaking them.

Here’s how to fix it ↓ https://thehackernews.com/expert-insights/2025/06/exposed-developer-secrets-are-big.html

🕷️ Scattered Spider is now hitting U.S. insurance giants — not just retailers.

⚠️ They’re bypassing MFA, tricking help desks, and breaching entire IT ecosystems.

Here’s how they do it — and how to stop them ↓ https://thehackernews.com/2025/06/google-warns-of-scattered-spider.html

🚨 New phishing campaign hits Taiwan, delivering stealthy malware like Gh0stCringe and HoldingHands RAT.

Hackers use fake tax emails, sneaky PDFs, and ZIP traps to hijack systems and spy on users.

It’s all linked to China-backed Silver Fox APT.

Here’s what’s happening → https://thehackernews.com/2025/06/silver-fox-apt-targets-taiwan-with.html

🚨 130,000 devices. One forgotten service account.

A 2024 botnet attack used stale Microsoft 365 accounts with weak passwords—bypassing MFA silently via legacy auth.

If you're not auditing AD service accounts, you're already exposed.

Here’s how to fix it ↓ https://thehackernews.com/2025/06/are-forgotten-ad-service-accounts.html

🚨 A LangChain vulnerability let attackers steal OpenAI API keys, prompts & files—just by clicking “Try It.”

All data silently routed through a malicious proxy.

Details → https://thehackernews.com/2025/06/langchain-langsmith-bug-let-hackers.html

Patched now—but the risk was real.

🚨 A Chrome zero-day (CVE-2025-2783) was used in a live attack to drop a stealthy backdoor.

The hacker group TaxOff tricked targets with fake forum invites—one click, full compromise.

Here’s how the Trinper malware quietly hijacked systems ↓ https://thehackernews.com/2025/06/google-chrome-zero-day-cve-2025-2783.html