🚨 Your AI agent might already be vulnerable.
Pillar Security just launched a full-lifecycle AI defense platform—built by ex-offensive and defensive cyber ops—to catch threats before code is even written.
From threat modeling to runtime guardrails, this flips AI security on its head.
Full story → https://thehackernews.com/2025/07/product-walkthrough-look-inside-pillars.html
Pillar Security just launched a full-lifecycle AI defense platform—built by ex-offensive and defensive cyber ops—to catch threats before code is even written.
From threat modeling to runtime guardrails, this flips AI security on its head.
Full story → https://thehackernews.com/2025/07/product-walkthrough-look-inside-pillars.html
😁8👍2🤔1
Custom containers, zero headaches.
ActiveState builds and scans your stack from OS to app—SBOM, low-to-no CVEs, ready for your CI/CD. Own your security. Stop inheriting risk.
Customize Your Container → https://thn.news/activestate-container-security
#DevSecOps #OpenSourceSecurity
ActiveState builds and scans your stack from OS to app—SBOM, low-to-no CVEs, ready for your CI/CD. Own your security. Stop inheriting risk.
Customize Your Container → https://thn.news/activestate-container-security
#DevSecOps #OpenSourceSecurity
👏6
🔥 A free decryptor just landed for FunkSec ransomware — 172 victims hit across tech, gov, and education can now get their files back.
Built with AI. Written in Rust. Broken by rookies.
Get the tool + full story ↓ https://thehackernews.com/2025/07/funksec-ransomware-decryptor-released.html
Built with AI. Written in Rust. Broken by rookies.
Get the tool + full story ↓ https://thehackernews.com/2025/07/funksec-ransomware-decryptor-released.html
👏11🤯7😁1
🚨 Thousands tricked by fake crypto apps via Facebook ads.
They install a stealthy new malware—JSCEAL—that hijacks wallets, steals passwords in real-time, and evades most detection tools.
Worse? It's still active.
Here’s how it works (and how to avoid it) ↓ https://thehackernews.com/2025/07/hackers-use-facebook-ads-to-spread.html
They install a stealthy new malware—JSCEAL—that hijacks wallets, steals passwords in real-time, and evades most detection tools.
Worse? It's still active.
Here’s how it works (and how to avoid it) ↓ https://thehackernews.com/2025/07/hackers-use-facebook-ads-to-spread.html
😁15🔥3👏3
🚨 120,000+ attacks in the wild.
Hackers are exploiting a critical bug (CVSS 9.8) in a popular WordPress theme to hijack sites—no login needed.
They’re planting PHP backdoors and rogue admin accounts.
Details here → https://thehackernews.com/2025/07/hackers-exploit-critical-wordpress.html
Hackers are exploiting a critical bug (CVSS 9.8) in a popular WordPress theme to hijack sites—no login needed.
They’re planting PHP backdoors and rogue admin accounts.
Details here → https://thehackernews.com/2025/07/hackers-exploit-critical-wordpress.html
👍12🤯6🔥3👏3
🔥 A hacker gang planted a 4G Raspberry Pi inside a bank’s ATM network—bypassing firewalls to install a rootkit called CAKETAP.
It spoofed PIN checks, hid processes, and aimed to trigger fraudulent withdrawals.
Details you should know ↓ https://thehackernews.com/2025/07/unc2891-breaches-atm-network-via-4g.html
It spoofed PIN checks, hid processes, and aimed to trigger fraudulent withdrawals.
Details you should know ↓ https://thehackernews.com/2025/07/unc2891-breaches-atm-network-via-4g.html
👏16👍7🔥6
🚨 SIEMs are failing the modern SOC.
🔹 Log overload is flooding analysts with noise
🔹 SaaS SIEMs spike costs during attacks
🔹 30% of analyst time is lost to false positives
A new model is rising: metadata, behavior, and real-time detection.
Here's what’s replacing it ↓ https://thehackernews.com/2025/07/alert-fatigue-data-overload-and-fall-of.html
🔹 Log overload is flooding analysts with noise
🔹 SaaS SIEMs spike costs during attacks
🔹 30% of analyst time is lost to false positives
A new model is rising: metadata, behavior, and real-time detection.
Here's what’s replacing it ↓ https://thehackernews.com/2025/07/alert-fatigue-data-overload-and-fall-of.html
👍7🔥2😁1
🚨 Cyberattacks are evolving fast—and so is defense.
SentinelOne just landed Leader status in Gartner’s 2025 Magic Quadrant for Endpoint Protection for the 5th year straight.
Its AI spots threats 63% faster and slashes response time in half.
What’s changing in cybersecurity → https://thehackernews.com/2025/07/ai-driven-trends-in-endpoint-security.html
SentinelOne just landed Leader status in Gartner’s 2025 Magic Quadrant for Endpoint Protection for the 5th year straight.
Its AI spots threats 63% faster and slashes response time in half.
What’s changing in cybersecurity → https://thehackernews.com/2025/07/ai-driven-trends-in-endpoint-security.html
👍7🔥4😁3🤔1
North Korea’s UNC4899 hacked two firms via LinkedIn and Telegram job lures—tricking devs into running malicious Docker containers.
They breached Google Cloud & AWS, stole creds, bypassed MFA, injected wallet-hijacking JavaScript—and stole millions in crypto.
Details here → https://thehackernews.com/2025/07/n-korean-hackers-used-job-lures-cloud.html
They breached Google Cloud & AWS, stole creds, bypassed MFA, injected wallet-hijacking JavaScript—and stole millions in crypto.
Details here → https://thehackernews.com/2025/07/n-korean-hackers-used-job-lures-cloud.html
😱21👍6🔥5😁2🤔2
🚨 Hackers are hijacking Proofpoint + Bitly to bypass email defenses and steal Microsoft 365 credentials.
Phishing links look legit—wrapped, shortened, and sent from trusted accounts.
Even “protected” emails are now weaponized.
Details you need → https://thehackernews.com/2025/07/experts-detect-multi-layer-redirect.html
Phishing links look legit—wrapped, shortened, and sent from trusted accounts.
Even “protected” emails are now weaponized.
Details you need → https://thehackernews.com/2025/07/experts-detect-multi-layer-redirect.html
😁12🔥5
🛑 Russia’s Secret Blizzard hackers are hijacking embassy internet traffic in Moscow—at the ISP level.
They’re using fake Kaspersky alerts + a new malware “ApolloShadow” to silently take over devices.
Microsoft confirms: the campaign is ongoing.
Details here → https://thehackernews.com/2025/07/secret-blizzard-deploys-malware-in-isp.html
They’re using fake Kaspersky alerts + a new malware “ApolloShadow” to silently take over devices.
Microsoft confirms: the campaign is ongoing.
Details here → https://thehackernews.com/2025/07/secret-blizzard-deploys-malware-in-isp.html
🤯21👏8😁4👍2🔥2
🚨 China-linked hackers just deployed two ransomware strains—Warlock and LockBit Black—using a custom C2 framework called AK47 C2.
They’re hijacking legit tools, faking Microsoft domains, and disabling antivirus with a Chinese driver.
Details here → https://thehackernews.com/2025/08/storm-2603-exploits-sharepoint-flaws-to.html
They’re hijacking legit tools, faking Microsoft domains, and disabling antivirus with a Chinese driver.
Details here → https://thehackernews.com/2025/08/storm-2603-exploits-sharepoint-flaws-to.html
😱13🔥3👏2
🔐 "How much AI is too much in customer experiences?"
Users are starting to push back.
Join our new 📺 WEBINAR featuring an expert from @Okta as she reveals new research on how to balance innovation with trust—straight from the 2025 CIAM Trends Report.
👉 Watch the webinar now → https://thehacker.news/ai-customer-identity
Users are starting to push back.
Join our new 📺 WEBINAR featuring an expert from @Okta as she reveals new research on how to balance innovation with trust—straight from the 2025 CIAM Trends Report.
👉 Watch the webinar now → https://thehacker.news/ai-customer-identity
👍12🤔2
🚨 Hackers are poisoning your Python packages, hijacking logins & weaponizing AI.
The next wave of cyberattacks is already here—and most defenses won’t stop it.
3 New urgent cybersecurity webinars show how to lock down your code, identity & AI stack → https://www.linkedin.com/pulse/secure-your-ai-supply-chain-stack-3-new-cybersecurity-webinars-d9zwc/
The next wave of cyberattacks is already here—and most defenses won’t stop it.
3 New urgent cybersecurity webinars show how to lock down your code, identity & AI stack → https://www.linkedin.com/pulse/secure-your-ai-supply-chain-stack-3-new-cybersecurity-webinars-d9zwc/
⚡14🔥5👏1🤔1
🚨 SOCs are losing the AI race — and it’s not because of their tools.
They’re feeding cutting-edge AI systems junk data: incomplete logs, siloed alerts, zero context.
Meanwhile, attackers are training like elite athletes.
Here’s why defenders are falling behind ↓ https://thehackernews.com/2025/08/you-are-what-you-eat-why-your-ai.html
They’re feeding cutting-edge AI systems junk data: incomplete logs, siloed alerts, zero context.
Meanwhile, attackers are training like elite athletes.
Here’s why defenders are falling behind ↓ https://thehackernews.com/2025/08/you-are-what-you-eat-why-your-ai.html
🔥17
🚨 An AI-generated npm package just stole crypto from devs.
"kodane/patch-manager" posed as a legit Node.js tool — but hid a stealth wallet drainer that hit 1,500+ downloads before takedown.
Here’s what to know ↓ https://thehackernews.com/2025/08/ai-generated-malicious-npm-package.html
"kodane/patch-manager" posed as a legit Node.js tool — but hid a stealth wallet drainer that hit 1,500+ downloads before takedown.
Here’s what to know ↓ https://thehackernews.com/2025/08/ai-generated-malicious-npm-package.html
😱12⚡6👍4😁3
🚨 Hackers are using fake Microsoft OAuth apps + the Tycoon phishing kit to hijack 365 accounts
They’ve spoofed 50+ brands (Adobe, DocuSign, SharePoint), bypassing MFA with adversary-in-the-middle attacks.
3,000+ users hit across 900 orgs.
Details → https://thehackernews.com/2025/08/attackers-use-fake-oauth-apps-with.html
They’ve spoofed 50+ brands (Adobe, DocuSign, SharePoint), bypassing MFA with adversary-in-the-middle attacks.
3,000+ users hit across 900 orgs.
Details → https://thehackernews.com/2025/08/attackers-use-fake-oauth-apps-with.html
👍13😁4👏3
🚨 A single Slack message could hijack Cursor—AI code editor—with zero clicks.
CVE-2025-54135 let attackers run remote code just by posting in a public channel.
Cursor auto-executed it. No prompts. No approval.
Details here → https://thehackernews.com/2025/08/cursor-ai-code-editor-fixed-flaw.html
CVE-2025-54135 let attackers run remote code just by posting in a public channel.
Cursor auto-executed it. No prompts. No approval.
Details here → https://thehackernews.com/2025/08/cursor-ai-code-editor-fixed-flaw.html
👏18😁5🔥4🤔1😱1
🚨 Akira ransomware is hitting SonicWall SSL VPNs—some fully patched.
Researchers suspect a zero-day or credential abuse. Attacks surged in late July.
Org? Disable SSL VPN until further notice.
Full details ↓ https://thehackernews.com/2025/08/akira-ransomware-exploits-sonicwall.html
Researchers suspect a zero-day or credential abuse. Attacks surged in late July.
Org? Disable SSL VPN until further notice.
Full details ↓ https://thehackernews.com/2025/08/akira-ransomware-exploits-sonicwall.html
🔥18😁3👍2👏1🤔1
🚨 China-linked threat group hacked Southeast Asia telecoms — no data stolen, just full remote access to critical networks for 9 months.
They used stealth malware, tunneled through mobile operators, and wiped their tracks.
Here’s what we know ↓ https://thehackernews.com/2025/08/cl-sta-0969-installs-covert-malware-in.html
They used stealth malware, tunneled through mobile operators, and wiped their tracks.
Here’s what we know ↓ https://thehackernews.com/2025/08/cl-sta-0969-installs-covert-malware-in.html
😱22🔥11👏4😁4👍1