🚨 DoJ slams BreachForums’ creator with 3 YEARS in prison
Conor “Pompompurin” Fitzpatrick, 22, finally gets hard time after an appeals court tossed his shockingly light 17-day sentence.
He ran a hacker marketplace with 14 BILLION stolen records—and was caught with child abuse material.
Full story → https://thehackernews.com/2025/09/doj-resentences-breachforums-founder-to.html
Conor “Pompompurin” Fitzpatrick, 22, finally gets hard time after an appeals court tossed his shockingly light 17-day sentence.
He ran a hacker marketplace with 14 BILLION stolen records—and was caught with child abuse material.
Full story → https://thehackernews.com/2025/09/doj-resentences-breachforums-founder-to.html
🤯10🔥4😱1
🚨 Scattered Spider isn’t gone—and now hitting U.S. banks.
Hackers tricked an exec, hijacked Azure accounts, raided VMware servers & tried to steal cloud data.
Their “retirement” was a smokescreen.
Full story → https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
Hackers tricked an exec, hijacked Azure accounts, raided VMware servers & tried to steal cloud data.
Their “retirement” was a smokescreen.
Full story → https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
👏9🔥5
Meet Georgetown's cybersecurity faculty on October 2 to learn more about the Cybersecurity Risk Management master's program.
Advance your cybersecurity career with Georgetown.
👉 View event: https://thn.news/scs-cybersec-2025
Advance your cybersecurity career with Georgetown.
👉 View event: https://thn.news/scs-cybersec-2025
👏5
⚠️ Most “AI security” tools can’t see what your team pastes into ChatGPT or uploads to personal AI apps.
Bans? They just drive shadow AI deeper.
🔑 Real fix: last-mile, in-browser controls—redact, warn, allow—no clunky agents or network reroutes.
Full guide → https://thehackernews.com/2025/09/rethinking-ai-data-security-buyers-guide.html
Bans? They just drive shadow AI deeper.
🔑 Real fix: last-mile, in-browser controls—redact, warn, allow—no clunky agents or network reroutes.
Full guide → https://thehackernews.com/2025/09/rethinking-ai-data-security-buyers-guide.html
🔥8👍1
🚨 China-backed hackers just impersonated top U.S. officials to steal intel.
They posed as the House China Committee chair & the U.S.-China Business Council, luring trade experts—then slipped in a Visual Studio Code backdoor.
Here’s the full report→ https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html
They posed as the House China Committee chair & the U.S.-China Business Council, luring trade experts—then slipped in a Visual Studio Code backdoor.
Here’s the full report→ https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html
😁7😱3🤯1
⚠️ Quantum hackers could shatter today’s encryption overnight.
🤖 AI attacks already trick 60%—breaches cost $10M+.
The cyber storm is here. Join our next expert WEBINAR to learn how to lock down your data before Q-day.
👉 Save your seat now ↓ https://thehackernews.com/2025/09/from-quantum-hacks-to-ai-defenses.html
🤖 AI attacks already trick 60%—breaches cost $10M+.
The cyber storm is here. Join our next expert WEBINAR to learn how to lock down your data before Q-day.
👉 Save your seat now ↓ https://thehackernews.com/2025/09/from-quantum-hacks-to-ai-defenses.html
😁7👍3⚡2
🛡️ No more guessing on container security. Securing the Stack breaks down what really works—from busting myths and risks, to building trusted images, to securing your full CI/CD pipeline.
Get the expert blueprint your team needs to lock down vulnerabilities and ship software with confidence.
➡️ Join the 20-min webinar to learn why simply containerizing your applications does not make them safe: https://thn.news/stack-security-webinar
Get the expert blueprint your team needs to lock down vulnerabilities and ship software with confidence.
➡️ Join the 20-min webinar to learn why simply containerizing your applications does not make them safe: https://thn.news/stack-security-webinar
🔥11
🚨 AI-powered hotel hack on the rise:
Cyber gang TA558 (RevengeHotels) is using LLM-generated phishing emails in Portuguese & Spanish to drop Venom RAT—a $650 malware that steals guest credit-card data, kills Microsoft Defender & spreads via USB 🏨💳
Full report → https://thehackernews.com/2025/09/ta558-uses-ai-generated-scripts-to.html
Cyber gang TA558 (RevengeHotels) is using LLM-generated phishing emails in Portuguese & Spanish to drop Venom RAT—a $650 malware that steals guest credit-card data, kills Microsoft Defender & spreads via USB 🏨💳
Full report → https://thehackernews.com/2025/09/ta558-uses-ai-generated-scripts-to.html
⚡11
🚨 UPDATE: New intel on Russia’s APT28 attack...
Sekoia says Operation Phantom Net Voxel used Signal to send booby-trapped Word docs, dropping COVENANT & BEARDSHELL malware.
Full update → https://thehackernews.com/2025/06/apt28-uses-signal-chat-to-deploy.html
Sekoia says Operation Phantom Net Voxel used Signal to send booby-trapped Word docs, dropping COVENANT & BEARDSHELL malware.
Full update → https://thehackernews.com/2025/06/apt28-uses-signal-chat-to-deploy.html
😁8🔥5
🚨 Chrome users: a new zero-day is under active attack.
CVE-2025-10585 targets Chrome’s V8 engine—Chrome’s 6th zero-day of 2025.
Details → https://thehackernews.com/2025/09/google-patches-chrome-zero-day-cve-2025.html
⚡ Update now: 140.0.7339.185/.186 (Win/macOS), 140.0.7339.185 (Linux).
If you use Edge/Brave/Opera/Vivaldi, patch too.
CVE-2025-10585 targets Chrome’s V8 engine—Chrome’s 6th zero-day of 2025.
Details → https://thehackernews.com/2025/09/google-patches-chrome-zero-day-cve-2025.html
⚡ Update now: 140.0.7339.185/.186 (Win/macOS), 140.0.7339.185 (Linux).
If you use Edge/Brave/Opera/Vivaldi, patch too.
😁19🔥4👍2😱2⚡1
🕵️♀️ Two fake Python packages just dropped a powerful RAT on Windows.
“sisaws” & “secmeasure” secretly install SilentSync — capable of stealing browser passwords, files, and screenshots.
Full story → https://thehackernews.com/2025/09/silentsync-rat-delivered-via-two.html
“sisaws” & “secmeasure” secretly install SilentSync — capable of stealing browser passwords, files, and screenshots.
Full story → https://thehackernews.com/2025/09/silentsync-rat-delivered-via-two.html
😱11👍1
🔥 AI is now the biggest career risk for CISOs—bigger than any breach.
⚡Move too fast → data leaks & shadow AI spread.
🐢Move too slow → rivals race ahead.
How to stay secure and competitive ↓ https://thehackernews.com/2025/09/how-cisos-can-drive-effective-ai.html
⚡Move too fast → data leaks & shadow AI spread.
🐢Move too slow → rivals race ahead.
How to stay secure and competitive ↓ https://thehackernews.com/2025/09/how-cisos-can-drive-effective-ai.html
⚡5👍4
🚨Lazarus escalated activities in 2025 with companies already suffering billions in losses.
This APT’s attacks are evolving and getting harder to detect.
Read actionable report on its current campaigns to be ready for the next attack ⬇️ https://thn.news/lazarus-attacks-2025
This APT’s attacks are evolving and getting harder to detect.
Read actionable report on its current campaigns to be ready for the next attack ⬇️ https://thn.news/lazarus-attacks-2025
👍8
⚠️ ‘CountLoader’ is arming Russian ransomware (LockBit, Black Basta, Qilin)—dropping Cobalt Strike, AdaptixC2 & PureHVNC.
It spreads via fake Ukrainian police PDFs & DeepSeek lures, hijacks browsers, hides as “Google Update,” and abuses certutil/bitsadmin.
Details → https://thehackernews.com/2025/09/countloader-broadens-russian-ransomware.html
It spreads via fake Ukrainian police PDFs & DeepSeek lures, hijacks browsers, hides as “Google Update,” and abuses certutil/bitsadmin.
Details → https://thehackernews.com/2025/09/countloader-broadens-russian-ransomware.html
😁8🤯4👍1
🚨 SonicWall Breach Alert: Hackers broke into its cloud backups and accessed firewall config files for <5% of customers.
⚠️ Encrypted credentials were inside—but the stolen data could help attackers exploit those firewalls next.
Here’s what every SonicWall user needs to do ↓ https://thehackernews.com/2025/09/sonicwall-urges-password-resets-after.html
⚠️ Encrypted credentials were inside—but the stolen data could help attackers exploit those firewalls next.
Here’s what every SonicWall user needs to do ↓ https://thehackernews.com/2025/09/sonicwall-urges-password-resets-after.html
🔥8😁4👍1
❓What do you get when you combine AI + Quantum? Great potential.
But when it comes to cybersecurity, you also get challenges.
Quantum + AI are already reshaping cyber risk.
Hear all about it from ex-NIST, Nokia Bell Labs & global security leaders in our live webinar ↓ https://thehackernews.uk/ai-quantum-webinar
But when it comes to cybersecurity, you also get challenges.
Quantum + AI are already reshaping cyber risk.
Hear all about it from ex-NIST, Nokia Bell Labs & global security leaders in our live webinar ↓ https://thehackernews.uk/ai-quantum-webinar
😱11
🚨 Hackers exploited 2 zero-day flaws in Ivanti EPMM to hijack servers.
CISA says they dropped custom Java malware that lets them run any code, steal LDAP creds & stay hidden.
Patch immediately or risk a breach.
Full details → https://thehackernews.com/2025/09/cisa-warns-of-two-malware-strains.html
CISA says they dropped custom Java malware that lets them run any code, steal LDAP creds & stay hidden.
Patch immediately or risk a breach.
Full details → https://thehackernews.com/2025/09/cisa-warns-of-two-malware-strains.html
👏13🔥3😁1