⚠️ ALERT: Chinese hackers hijacked Wi-Fi portals to spy on diplomats—using fake Adobe updates signed with valid certificates.

The attack drops a PlugX backdoor that steals files, logs keystrokes & runs remote commands.

Here’s how it works ↓ https://thehackernews.com/2025/08/unc6384-deploys-plugx-via-captive.html

CISA just flagged 3 new actively exploited flaws—two in Citrix Session Recording, one in Git.

The Git bug (CVE-2025-48384) can let attackers run arbitrary code just by cloning a repo. Proof-of-concept exploit is already out.

Here’s what you need to know ↓ https://thehackernews.com/2025/08/cisa-adds-three-exploited.html

🛑 Important: Google is locking down Android.

Starting Sept 2026, every app — even outside the Play Store — must come from a verified developer.

No more anonymous sideloads. No quick comebacks for malware gangs.

First up: Brazil, Indonesia, Singapore, Thailand.

Full story ↓ https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html

📢 Google & Workday both confirmed breaches this summer — attackers slipped in through social engineering, not software flaws.

The group behind it, ShinyHunters, used phone scams + fake apps to access Salesforce data.

Here’s what actually happened ↓ https://thehackernews.com/expert-insights/2025/08/shinyhunters-data-breach-vs-saas-why.html

🚨 A new Android banking trojan just leveled up: HOOK now locks victims’ screens with ransomware-style extortion demands.

Worse? It can also steal your banking logins, crypto wallets, PIN codes—and even stream your screen.

Here’s how it works ↓ https://thehackernews.com/2025/08/hook-android-trojan-adds-ransomware.html

🚨 Over 100 hacked WordPress sites are being used in a new campaign called ShadowCaptcha — luring visitors with fake CAPTCHA checks that drop info-stealers, ransomware, and crypto miners.

The trick? Copy-pasted commands from your clipboard turn into attacks.

Here’s what you need to know ↓ https://thehackernews.com/2025/08/shadowcaptcha-exploits-wordpress-sites.html

Hackers are hijacking “Contact Us” forms to breach supply chain giants.

Weeks of fake NDAs and polite emails → a booby-trapped ZIP delivers MixShell, stealth malware built to stay hidden.

This isn’t phishing as you know it.

Learn more ↓ https://thehackernews.com/2025/08/mixshell-malware-delivered-via-contact.html

🚨 Cyberattacks are faster than ever.

For the 5th year straight, Gartner named SentinelOne a Leader in Endpoint Protection—thanks to AI that detects threats 63% faster and auto-rolls back ransomware.

Details → https://thehackernews.com/2025/07/ai-driven-trends-in-endpoint-security.html

🚨 New 5G attack discovered.

Researchers built Sni5Gect, a tool that can hijack the 5G handshake, crash phones, or silently downgrade them to 4G — no fake cell tower needed.

Here’s the full story → https://thehackernews.com/2025/08/new-sni5gect-attack-crashes-phones-and.html

🚨 Citrix just patched 3 critical NetScaler flaws—one (CVE-2025-7775) is already under active attack.

Hackers can hijack systems (RCE) or crash them. No workarounds, only updates.

Admins need to move fast.

Full details here → https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html

⚠️ Cyber researchers just exposed 5 attack clusters tied to hacking group Blind Eagle—targeting Colombia’s government, banks, and critical sectors since 2024.

They’re using cracked RATs, fake bank portals, and even Discord & Google Drive to deliver malware.

Details → https://thehackernews.com/2025/08/blind-eagles-five-clusters-target.html

Hackers hijacked Salesloft’s Drift AI chat app to steal OAuth tokens and break into Salesforce customer data.

They weren’t after marketing chats — they pulled AWS access keys, Snowflake tokens, and credentials.

Details here → https://thehackernews.com/2025/08/salesloft-oauth-breach-via-drift-ai.html

BeyondTrust recently dropped the cybersecurity's first-ever arcade game! 🕹️

It's fast, fun, and sneakily educational. Test your reflexes now - no sign-ups, no cookies, just pure fun.

Play now: https://thn.news/acronym-game

⚡ Employees are flooding your stack with AI tools.

The real danger isn’t adoption—it’s shadow AI leaking data with zero guardrails.

🔍 CISOs: 5 rules to stop today’s experiments from becoming tomorrow’s breach ↓ https://thehackernews.com/2025/08/the-5-golden-rules-of-safe-ai-adoption.html

🚨 ShadowSilk hackers just hit nearly 30+ gov targets across Central Asia & APAC.

The crew? A Russian-Chinese tag team using Telegram bots to hide C2 traffic + stealing Chrome passwords.

They’re still active—new victims found in July.

Read → https://thehackernews.com/2025/08/shadowsilk-hits-36-government-targets.html

Hackers just weaponized Anthropic’s AI chatbot Claude to run ransomware-style attacks.

📌 17 orgs hit—healthcare, gov, even emergency services
📌 Ransoms up to $500K
📌 The AI made its own decisions on what data to steal

This is the future of cybercrime.

Full story → https://thehackernews.com/2025/08/anthropic-disrupts-ai-powered.html

🚨 AI-powered ransomware is here.

Researchers just uncovered PromptLock—ransomware strain that uses OpenAI’s new gpt-oss:20b model to write unique attack scripts on every run.

◉ Cross-platform: Windows, Linux, macOS.
◉ Harder to spot. Harder to stop.
◉ For now, it’s “just” a PoC.

Details → https://thehackernews.com/2025/08/someone-created-first-ai-powered.html

⚠️ More tools ≠ more security.

Keeper’s CEO says layered products can’t keep up—only a unified platform with zero trust, least privilege & AI can.

The future of defense isn’t more tools. It’s one platform.

Watch... Here’s why → https://thehackernews.com/videos/2025/08/the-new-mindset-platforms-over-products.html

🔑 Ransomware without the ransomware.

Storm-0501 just rewrote the playbook:
→ No malware
→ No encryption
→ Just full cloud takeover

They steal your data, erase backups, then demand ransom—over Microsoft Teams.

The playbook is wild ↓ https://thehackernews.com/2025/08/storm-0501-exploits-entra-id-to.html

🔥 Shadow AI agents are sneaking into your workflows, launched with one click—and they're using hidden identities to evade detection.

The scary part? They're multiplying unchecked, risking your entire cloud security.

Join this latest free webinar with experts to learn to spot and stop them: https://thehacker.news/shadow-ai-agents