🤖 AI agents are taking over business operations—but they’re also creating new security threats. ⚠️

🛡️ Join Auth0’s Michelle Agroskin to learn how to secure AI, prevent data leaks, and stay ahead of attacks.

Save your spot now → https://thehacker.news/ai-agents-security

🚨 A Chinese hacking group just hit a Philippines military contractor with a new malware called EggStreme.

It doesn’t touch the disk—running entirely in memory—injects keyloggers, steals data, and moves across networks quietly.

Here’s what you need to know ↓ https://thehackernews.com/2025/09/chinese-apt-deploys-eggstreme-fileless.html

🚨 Hackers are hijacking ConnectWise ScreenConnect to secretly install AsyncRAT, a powerful remote access trojan.

Targets risk stolen passwords, crypto wallets, and keystrokes—all while the malware pretends to be a harmless “Skype Updater.”

Details ↓ https://thehackernews.com/2025/09/asyncrat-exploits-connectwise.html

⚠️ NEW SCAM ALERT! Fake browser extensions are hijacking Facebook & Instagram accounts.

Extensions promising the blue check or ad-boosting tools are secretly stealing cookies, credentials, and business accounts—then selling them on underground markets.

Read ↓ https://thehackernews.com/2025/09/fake-madgicx-plus-and-socialmetrics.html

⚠️ Companies are handing out admin-level access to randomly named “ephemeral” accounts—and then deleting them.

The result? Security teams have no idea who did what, leaving a massive blind spot for attackers.

Here’s how to fix it → https://thehackernews.com/expert-insights/2025/09/beyond-buzzwords-hidden-dangers-of.html

🚨 Akira ransomware is back — hammering SonicWall VPNs through a year-old flaw (CVE-2024-40766, CVSS 9.3).

One misstep in SonicWall’s LDAP “Default User Group” can hand attackers VPN + admin access the moment they steal a password.

Akira has already hit 967 victims and is surging again.

Check your configs. Fix it now.

Details here → https://thehackernews.com/2025/09/sonicwall-ssl-vpn-flaw-and.html

84% of company boards admit: cyber risk is a top business threat.

But here’s the kicker—only half actually understand it well enough to make smart decisions.

That disconnect puts revenue, growth, and even jobs on the line.

A new course is teaching CISOs how to finally bridge the boardroom gap ↓ https://thehackernews.com/2025/09/cracking-boardroom-code-helping-cisos.html

🚨 A U.S. Senator just accused Microsoft of gross cybersecurity negligence — saying it’s like an “arsonist selling firefighting services.”

A Bing click → ransomware → 5.6M patient records stolen.

All thanks to outdated defaults still in Windows.

Here’s what went down: https://thehackernews.com/2025/09/senator-wyden-urges-ftc-to-probe.html

Google just dropped a 🔥 update with the Pixel 10:

Your photos now come with cryptographic “nutrition labels” showing who made them, how, and even if AI was involved.

The Pixel Camera hit the highest security rating for this tech — a first for mobile.

Here’s why this matters ↓ https://thehackernews.com/2025/09/google-pixel-10-adds-c2pa-support-to.html

🚨 WARNING: Just opening the wrong repo in Cursor (the AI-powered VS Code fork) can secretly run code on your computer.

Why? Workspace Trust is off by default! A booby-trapped GitHub project = instant system compromise.

Here’s how it works (and how to stay safe) ↓ https://thehackernews.com/2025/09/cursor-ai-code-editor-flaw-enables.html

⚠️ A new ransomware is here → HybridPetya.

It doesn’t just lock your files — it can bypass Secure Boot on modern PCs, sneak into UEFI, and encrypt your entire system.Victims see a fake CHKDSK screen before being hit with a $1,000 Bitcoin demand.

The scariest part? Researchers say Secure Boot bypasses like this are becoming more common.

Details here → https://thehackernews.com/2025/09/new-hybridpetya-ransomware-bypasses.html

⚠️ Hackers are actively exploiting a critical flaw (CVSS 9.0) in Dassault’s DELMIA Apriso software.

The attack drops spyware that can log keystrokes, take screenshots & spy on apps. 👀

CISA says: Patch by Oct 2, 2025.

Read → https://thehackernews.com/2025/09/critical-cve-2025-5086-in-delmia-apriso.html

🔥 Cloud security is shifting fast: prevention isn’t enough.

The real battlefield? Runtime visibility — spotting what’s actually being attacked in production ⚡️

AI + CNAPPs are cutting through the noise so teams fix what matters, not chase alerts.

Details here ↓ https://thehackernews.com/2025/09/cloud-native-security-in-2025-why.html

🚨 Apple just warned users in France:

Spyware is back — iCloud devices targeted again (4th time this year).

🎯 Who’s in the crosshairs? Journalists, lawyers, activists, politicians.

The worst part? Zero-click hacks are still in play.

Full story ↓ https://thehackernews.com/2025/09/apple-warns-french-users-of-fourth.html

⚠️ Samsung just fixed a zero-day bug in Android 13–16.

Hackers were already using it to break in through a hidden image library 😳

If you’ve got a Galaxy, update ASAP. Don’t wait.

Here’s the full story → https://thehackernews.com/2025/09/samsung-fixes-critical-zero-day-cve.html

🚨 FBI warning: Hackers are raiding Salesforce to steal data + extort companies.

UNC6040 & UNC6395 are behind it—using stolen tokens, phishing calls, and custom tools.

ShinyHunters, LAPSUS$ & Scattered Spider teamed up… then suddenly claimed they’re “retiring.”

👀 Don’t count on it.

Details → https://thehackernews.com/2025/09/fbi-warns-of-unc6040-and-unc6395.html

🚨 Big malware attack on Chinese-speaking users:

🔹 Top Google results hijacked to push fake downloads of Chrome, Telegram, WhatsApp & more

🔹 Trojans dropped: HiddenGh0st, Winos (ValleyRAT) & new kkRAT

🔹 Steals crypto, logs keys, enables full remote control

Details → https://thehackernews.com/2025/09/hiddengh0st-winos-and-kkrat-exploit-seo.html

🚨 New AI-powered hacking tool sparks alarm:

China-linked “Villager” hit 11,000+ downloads on PyPI—already packing RAT plugins like AsyncRAT & Mimikatz.

🔑 It automates exploits, hides its tracks in self-destructing containers, and lowers the skill barrier for cyberattacks.

Full story → https://thehackernews.com/2025/09/ai-powered-villager-pen-testing-tool.html

🚨 AI-driven attacks are outsmarting firewalls & EDR—at machine speed.

The biggest weak spot? Your browser.

Lock it down before attackers do.

Full story → https://thehackernews.com/expert-insights/2025/09/taming-ais-threat-vectors-why-cisos.html

🚨 Browser attacks are skyrocketing—from Snowflake to Salesforce, attackers are stealing data by:

• Phishing kits that bypass MFA
• “ClickFix” tricks that make you run malware
• Malicious extensions sneaking past web stores

Your browser is now the hacker’s favorite door.

Details here → https://thehackernews.com/2025/09/6-browser-based-attacks-security-teams.html