LIVE WEBINAR: Building Your Secure AI Roadmap 🔒
Join this practical session to learn how leading teams are integrating security into every phase of the AI lifecycle.
Expect field insights, experts' best practices, and live answers to your toughest questions on AI visibility, red-teaming, runtime protection, and governance.
🗓️ July 23rd, 10 AM ET
🔗 Register here: https://thn.news/secure-ai-roadmap
Join this practical session to learn how leading teams are integrating security into every phase of the AI lifecycle.
Expect field insights, experts' best practices, and live answers to your toughest questions on AI visibility, red-teaming, runtime protection, and governance.
🗓️ July 23rd, 10 AM ET
🔗 Register here: https://thn.news/secure-ai-roadmap
👍9⚡2👏1
🚨 AI agents now outnumber humans in the cloud — and they're logging in with invisible keys.
They act fast, never question commands, and often hold overprivileged access no one monitors.
One forgotten token = full-blown breach.
Here’s how to fix it before it breaks you → https://thehackernews.com/2025/07/securing-agentic-ai-how-to-protect.html
They act fast, never question commands, and often hold overprivileged access no one monitors.
One forgotten token = full-blown breach.
Here’s how to fix it before it breaks you → https://thehackernews.com/2025/07/securing-agentic-ai-how-to-protect.html
🔥13😁1
🚨 New ransomware gang "GLOBAL GROUP" just hit 17 victims across 4 continents — in weeks.
It’s a rebrand of BlackLock, now upgraded with AI chatbots and 85% payouts to lure affiliates.
They’re buying access to law firms and critical networks.
Full story → https://thehackernews.com/2025/07/newly-emerged-global-group-raas-expands.html
It’s a rebrand of BlackLock, now upgraded with AI chatbots and 85% payouts to lure affiliates.
They’re buying access to law firms and critical networks.
Full story → https://thehackernews.com/2025/07/newly-emerged-global-group-raas-expands.html
🔥15🤯5
🚨 A single DDoS attack just peaked at 7.3 Tbps—in 45 seconds.
Cloudflare says hyper-volumetric attacks are exploding, with ransom threats up 68%.
Botnets like DemonBot are turning unsecured IoT into weapons.
Here’s what’s happening → https://thehackernews.com/2025/07/hyper-volumetric-ddos-attacks-reach.html
Cloudflare says hyper-volumetric attacks are exploding, with ransom threats up 68%.
Botnets like DemonBot are turning unsecured IoT into weapons.
Here’s what’s happening → https://thehackernews.com/2025/07/hyper-volumetric-ddos-attacks-reach.html
🤯26👏11🔥9⚡4
🛑 Google’s AI just stopped a cyberattack before it even began.
An LLM agent named Big Sleep discovered a critical SQLite flaw (CVE-2025-6965) that threat actors were likely about to exploit—making it the first known case of an AI foiling a live exploit attempt.
Details on how it worked → https://thehackernews.com/2025/07/google-ai-big-sleep-stops-exploitation.html
An LLM agent named Big Sleep discovered a critical SQLite flaw (CVE-2025-6965) that threat actors were likely about to exploit—making it the first known case of an AI foiling a live exploit attempt.
Details on how it worked → https://thehackernews.com/2025/07/google-ai-big-sleep-stops-exploitation.html
🔥20🤯20👍6👏3
⚠️ WARNING - Google Chrome Zero-Day Alert!
A new exploit is hitting users right now — CVE-2025-6558 lets attackers break out of the browser sandbox.
Update Chrome ASAP → https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html
(Edge, Brave, Opera users: you're not safe either.)
A new exploit is hitting users right now — CVE-2025-6558 lets attackers break out of the browser sandbox.
Update Chrome ASAP → https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html
(Edge, Brave, Opera users: you're not safe either.)
🤯35👍6🔥4👏2
🚨 Two Android threats just collided — and it’s getting wild.
Hackers are using evil twin apps with the same package name as legit Play Store apps to deliver Konfety malware — now upgraded with fake encryption, APK crashes, dynamic payloads, and hidden installs.
At the same time, TapTrap lets apps hijack your screen taps to grant malware dangerous permissions — no user awareness needed.
This isn’t theoretical. Android 16 is still vulnerable.
Details here → https://thehackernews.com/2025/07/new-konfety-malware-variant-evades.html
Hackers are using evil twin apps with the same package name as legit Play Store apps to deliver Konfety malware — now upgraded with fake encryption, APK crashes, dynamic payloads, and hidden installs.
At the same time, TapTrap lets apps hijack your screen taps to grant malware dangerous permissions — no user awareness needed.
This isn’t theoretical. Android 16 is still vulnerable.
Details here → https://thehackernews.com/2025/07/new-konfety-malware-variant-evades.html
😱18👍4🔥4
🚨 M&A chaos isn't just financial—it’s identity chaos too.
Mergers can spawn 25+ siloed systems, untracked privileged accounts, and dangerous role creep. One wrong move? Audit failures or full-blown breaches.
Here’s how to restore order before risk takes over ↓ https://thehackernews.com/expert-insights/2025/07/identity-challenges-in-mergers-and.html
Mergers can spawn 25+ siloed systems, untracked privileged accounts, and dangerous role creep. One wrong move? Audit failures or full-blown breaches.
Here’s how to restore order before risk takes over ↓ https://thehackernews.com/expert-insights/2025/07/identity-challenges-in-mergers-and.html
🔥11
⚡ Deepfake CEOs. Fake job offers. Cloned websites.
AI-powered scams are fooling even trained teams—because they look real. These aren’t phishing emails. They’re full-scale impersonation attacks.
See how to stop them in real time.
Watch the webinar → https://thehackernews.com/2025/07/deepfakes-fake-recruiters-cloned-cfos.html
AI-powered scams are fooling even trained teams—because they look real. These aren’t phishing emails. They’re full-scale impersonation attacks.
See how to stop them in real time.
Watch the webinar → https://thehackernews.com/2025/07/deepfakes-fake-recruiters-cloned-cfos.html
😁14👏4🔥3
🚨 One flaw. Total takeover.
A critical bug in Windows Server 2025 lets attackers generate any dMSA/gMSA password—across the forest.
It bypasses Credential Guard and can persist for years.
Details here → https://thehackernews.com/2025/07/critical-golden-dmsa-attack-in-windows.html
A critical bug in Windows Server 2025 lets attackers generate any dMSA/gMSA password—across the forest.
It bypasses Credential Guard and can persist for years.
Details here → https://thehackernews.com/2025/07/critical-golden-dmsa-attack-in-windows.html
🤯12⚡5👏4🔥1
🚨 Your AI agent isn’t just helping—it has full access to code, payroll, email, and more.
If one device gets hacked, it can leak everything—fast.
The real risk? It’s not the AI. It’s who (or what) can talk to it.
Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html
If one device gets hacked, it can leak everything—fast.
The real risk? It’s not the AI. It’s who (or what) can talk to it.
Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html
🤔8👍6😁4
ISPs are high-value DDoS targets—and need tailored defenses.
We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.
While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.
Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos
We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.
While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.
Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos
😁13🔥6😱3👍2⚡1
🚨 Hackers are exploiting fully patched SonicWall SMA 100 firewalls using stolen OTP seeds and a stealth backdoor.
Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.
Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html
Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.
Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html
😁13😱6👏4👍1
⚠️ Matanbuchus 3.0 is here—and hackers are pushing it via fake Microsoft Teams IT calls.
It slips in through Quick Assist, bypasses AV, and can launch ransomware with a click.
Details on the $15K MaaS threat → https://thehackernews.com/2025/07/hackers-leverage-microsoft-teams-to.html
It slips in through Quick Assist, bypasses AV, and can launch ransomware with a click.
Details on the $15K MaaS threat → https://thehackernews.com/2025/07/hackers-leverage-microsoft-teams-to.html
👍16😱4🤯2⚡1
🛑 China-backed hackers breached Taiwan’s chip industry and a U.S. National Guard unit.
They used fake resumes, poisoned PDFs, and VPN beacons to exfiltrate intel—some attacks went undetected for 9 months.
Critical infrastructure data was stolen. PII too.
Here’s the full story → https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
They used fake resumes, poisoned PDFs, and VPN beacons to exfiltrate intel—some attacks went undetected for 9 months.
Critical infrastructure data was stolen. PII too.
Here’s the full story → https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
😁21🔥10😱9👍3🤔3👏2
💥 New Cisco ISE flaw lets attackers run code as root — no login needed.
The bug (CVE-2025-20337) scores a perfect 10.0. Just one crafted API call = full system takeover.
Affected? Patch now or risk compromise.
Details here → https://thehackernews.com/2025/07/cisco-warns-of-critical-ise-flaw.html
The bug (CVE-2025-20337) scores a perfect 10.0. Just one crafted API call = full system takeover.
Affected? Patch now or risk compromise.
Details here → https://thehackernews.com/2025/07/cisco-warns-of-critical-ise-flaw.html
🤯19😱4👏1
👨🏻💻 Europol just crippled pro-Russian hacktivist group NoName057(16):
→ 100+ systems seized
→ 6 Russian suspects wanted
→ 1,000+ supporters warned
They gamified cyberattacks—badges, leaderboards, crypto rewards—to fuel digital warfare.
Full story → https://thehackernews.com/2025/07/europol-disrupts-noname05716-hacktivist.html
→ 100+ systems seized
→ 6 Russian suspects wanted
→ 1,000+ supporters warned
They gamified cyberattacks—badges, leaderboards, crypto rewards—to fuel digital warfare.
Full story → https://thehackernews.com/2025/07/europol-disrupts-noname05716-hacktivist.html
🔥11⚡4👏3😱3😁2
🚀 Exclusive threat intelligence used by top SOCs is now free!
#ANYRUN just made TI Lookup available to everyone
🔥
Access live attack data to cut MTTR and drive down business risks.
Act faster and smarter now: https://thn.news/anyrun-threat-intel-tg
#ANYRUN just made TI Lookup available to everyone
🔥
Access live attack data to cut MTTR and drive down business risks.
Act faster and smarter now: https://thn.news/anyrun-threat-intel-tg
👏10😁2
🔓 Most security tools only look at known threats.
BreachLock combines CTEM, ASM & VM to expose everything—even the risks you don’t see.
One platform. Total visibility. Faster response.
Here’s how it works → https://thehackernews.com/2025/07/ctem-vs-asm-vs-vulnerability-management.html
BreachLock combines CTEM, ASM & VM to expose everything—even the risks you don’t see.
One platform. Total visibility. Faster response.
Here’s how it works → https://thehackernews.com/2025/07/ctem-vs-asm-vs-vulnerability-management.html
😁7🔥1
🚨 Hackers are hiding crypto miners in legit websites using an old Apache flaw (CVE-2021-41773).
They’re mining silently. Detection is hard. Victims see HTTPS + valid SSL.
It’s a stealthy, years-long campaign.
Here’s how it works — and why it matters: https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html
They’re mining silently. Detection is hard. Victims see HTTPS + valid SSL.
It’s a stealthy, years-long campaign.
Here’s how it works — and why it matters: https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html
😱12🔥7👍4