🚨 Your AI agent isn’t just helping—it has full access to code, payroll, email, and more.

If one device gets hacked, it can leak everything—fast.

The real risk? It’s not the AI. It’s who (or what) can talk to it.

Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html

ISPs are high-value DDoS targets—and need tailored defenses.

We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.

While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.

Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos

🚨 Hackers are exploiting fully patched SonicWall SMA 100 firewalls using stolen OTP seeds and a stealth backdoor.

Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.

Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html

⚠️ Matanbuchus 3.0 is here—and hackers are pushing it via fake Microsoft Teams IT calls.

It slips in through Quick Assist, bypasses AV, and can launch ransomware with a click.

Details on the $15K MaaS threat → https://thehackernews.com/2025/07/hackers-leverage-microsoft-teams-to.html

🛑 China-backed hackers breached Taiwan’s chip industry and a U.S. National Guard unit.

They used fake resumes, poisoned PDFs, and VPN beacons to exfiltrate intel—some attacks went undetected for 9 months.

Critical infrastructure data was stolen. PII too.

Here’s the full story → https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html

💥 New Cisco ISE flaw lets attackers run code as root — no login needed.

The bug (CVE-2025-20337) scores a perfect 10.0. Just one crafted API call = full system takeover.

Affected? Patch now or risk compromise.

Details here → https://thehackernews.com/2025/07/cisco-warns-of-critical-ise-flaw.html

👨🏻‍💻 Europol just crippled pro-Russian hacktivist group NoName057(16):

→ 100+ systems seized
→ 6 Russian suspects wanted
→ 1,000+ supporters warned

They gamified cyberattacks—badges, leaderboards, crypto rewards—to fuel digital warfare.

Full story → https://thehackernews.com/2025/07/europol-disrupts-noname05716-hacktivist.html

🚀 Exclusive threat intelligence used by top SOCs is now free!

#ANYRUN just made TI Lookup available to everyone
🔥

Access live attack data to cut MTTR and drive down business risks.

Act faster and smarter now: https://thn.news/anyrun-threat-intel-tg

🔓 Most security tools only look at known threats.

BreachLock combines CTEM, ASM & VM to expose everything—even the risks you don’t see.

One platform. Total visibility. Faster response.

Here’s how it works → https://thehackernews.com/2025/07/ctem-vs-asm-vs-vulnerability-management.html

🚨 Hackers are hiding crypto miners in legit websites using an old Apache flaw (CVE-2021-41773).

They’re mining silently. Detection is hard. Victims see HTTPS + valid SSL.

It’s a stealthy, years-long campaign.

Here’s how it works — and why it matters: https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html

🚨 Hackers abused fake GitHub accounts to host Amadey malware plugins & stealers like Lumma & RedLine.

They used Emmenhtal loader to drop payloads—evading filters with public repos. Even legit tools like PuTTY were weaponized.

Details → https://thehackernews.com/2025/07/hackers-use-github-repositories-to-host.html

🚨 Critical NVIDIA GPU bug lets attackers hijack AI containers with just 3 lines of code (CVSS 9.0).

Impacts 37% of cloud environments—risking full server takeover & model theft.

Read the full report → https://thehackernews.com/2025/07/critical-nvidia-container-toolkit-flaw.html

🚨 Google sues 25 China-based actors behind BADBOX 2.0 — a botnet infecting 10M+ devices with malware before they even reach users.

The kicker? They used hacked TVs & apps to steal ad money from Google itself.

Details here → https://thehackernews.com/2025/07/google-sues-25-chinese-entities-over.html

🚨 New malware “LAMEHUG” uses a coding LLM to generate real-time attack commands—no scripts needed.

Discovered by Ukraine CERT, it runs through Hugging Face and was sent by APT28 to target officials.

This changes how phishing works → https://thehackernews.com/2025/07/cert-ua-discovers-lamehug-malware.html

🚨 Ransomware now wipes backups, steals data & blocks recovery.

Old backup plans won’t cut it.

SMBs lose ₹45L/day to downtime — not counting trust & revenue loss.

Build real cyber resilience now ↓ https://thehackernews.com/2025/07/how-cyber-resilience-helps-it-defend-against-ransomwa.html

🚨 ALERT - Hackers exploited two Ivanti flaws as zero-days to drop stealth malware MDifyLoader—and run Cobalt Strike in memory.

It hides using DLL sideloading, evades detection, and keeps coming back.

Full story ↓ https://thehackernews.com/2025/07/ivanti-zero-days-exploited-to-drop.html

⚠️ WARNING - Fake CVs are being used to breach defense, energy & aviation sectors in Asia.

Espionage group UNG0002 is deploying Cobalt Strike, Shadow RAT & fake gov CAPTCHA pages in targeted attacks across China, Hong Kong & Pakistan.

Full breakdown → https://thehackernews.com/2025/07/ung0002-group-hits-china-hong-kong.html

🔥 China’s border police are using a secret tool called Massistant to extract everything—from GPS to Signal chats—off phones.

It installs silently, pulls your data, then vanishes. iPhones may be next.

Details here → https://thehackernews.com/2025/07/chinas-massistant-tool-secretly.html

🚨 Hackers are actively exploiting a critical flaw in CrushFTP (CVE-2025-54309, CVSS 9.0) to gain admin access via HTTPS—no DMZ needed.

They reverse engineered a patch and struck fast.

The worst part? Many systems are still exposed.

Details here → https://thehackernews.com/2025/07/hackers-exploit-critical-crushftp-flaw.html

🚨 Hackers hijacked popular npm packages using phishing emails that mimicked npm support.

They published malware directly—no GitHub commits, no PRs.

One version tries to run a DLL for remote code execution.

Check if you’re affected ↓ https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html