🚨 Fortra GoAnywhere MFT: CVSS 10 (CVE-2025-10035) lets attackers run commands via forged license response.

Thousands exposed; same admin path as the 2023 LockBit-hit bug—weaponization likely.

Details → https://thehackernews.com/2025/09/fortra-releases-critical-patch-for-cvss.html

Patch 7.8.4/7.6.3; restrict Admin Console.

🚨 1,500 hacked servers/day are being rented out via REM Proxy—powered by SystemBC.

~80% are cloud servers (VPS); infections often last 31+ days.

The network markets 20k MikroTik routers and is used to brute-force WordPress creds.

Details here → https://thehackernews.com/2025/09/systembc-powers-rem-proxy-with-1500.html

🇮🇷 Iran’s IRGC hackers just breached 34 devices across 11 telecom giants—using fake LinkedIn job offers.

👥 They posed as HR, ran “interviews,” then secretly dropped a stealth backdoor called MINIBIKE hidden in Azure traffic.

Read → https://thehackernews.com/2025/09/unc1549-hacks-34-devices-in-11-telecom.html

⚠️ Warning — One hidden email could trick ChatGPT’s Deep Research into stealing your Gmail inbox.

Dubbed “ShadowLeak,” this stealth attack hides commands in invisible HTML, making the AI grab and exfiltrate your data—without a single click.

Details → https://thehackernews.com/2025/09/shadowleak-zero-click-flaw-leaks-gmail.html

⚠️ First-ever GPT-4 powered malware uncovered.

Researchers found “MalTerminal,” a prototype that can write its own ransomware or reverse shell—code dated before Nov 2023.

Hackers are also slipping hidden prompts into phishing emails to trick AI scanners and unleash Follina exploits.

Full story → https://thehackernews.com/2025/09/researchers-uncover-gpt-4-powered.html

🚨 North Korea’s Lazarus-linked hackers strike again!

Fake crypto job interviews → bogus “mic fix” → BeaverTail + InvisibleFerret malware hits Windows, Mac & Linux.

😱 One click and your data’s gone.

🔗 Full report → https://thehackernews.com/2025/09/dprk-hackers-use-clickfix-to-deliver.html

⚠️ macOS users beware! Hackers are pushing fake GitHub repos mimicking apps like LastPass, Dropbox & Notion—spreading the Atomic Stealer malware via Google & Bing searches.

Read: https://thehackernews.com/2025/09/lastpass-warns-of-fake-repositories.html

🔗 Double-check every download. Your data could be next.

🔥 Microsoft patched a perfect 10.0 CVE in Entra ID (ex-Azure AD) that let attackers impersonate any user, even Global Admins—across every tenant worldwide.

🔑 MFA? Conditional Access? Logging? All bypassed. Total tenant takeover—SharePoint, Exchange, Azure resources.

Details here → https://thehackernews.com/2025/09/microsoft-patches-critical-entra-id.html

In cybersecurity, Quantum + AI aren’t just buzzwords.

🔒 63% of orgs say quantum will break today’s encryption.

🤖 93% already face daily AI-driven attacks.
The storm’s here. Are you ready?

Full expert guide + webinar ↓ https://thehacker.news/ai-quantum-resilience

⚡ Cybersecurity Weekly Recap!

Hackers move in hours, not weeks—mixing AI-driven attacks, zero-days & supply-chain breaches.

💡 Key Takeaways:
• Old flaws keep resurfacing
• AI gives cybercriminals lightning speed
• Supply chains stay a prime target

👉 Read the latest edition: https://thehackernews.com/2025/09/weekly-recap-chrome-0-day-ai-hacking.html

⚠️ Bots outnumber humans 80:1 in your network.

• AI agents & service accounts vastly outnumber employees
• Many have unlimited access with no oversight
• One stolen token = instant attacker backdoor

👉 Spot them before hackers do: https://thehackernews.com/2025/09/how-to-gain-control-of-ai-agents-and.html

🚨 Just announced: AI in GRC is getting an upgrade with the announcement of Hyperproof's new AI feature release.

Security teams are buried in evidence collection, testing, and reporting. Hyperproof AI takes that manual grind off your plate so you can focus on outcomes that actually reduce risk.

✨ What makes Hyperproof AI different:

• Simplify and scale: Smart recommendations tailored to your business.
• Find answers fast: Natural language search surfaces what you need in seconds.
• Automate the grind: Streamline evidence collection, testing, and reporting
• Trust built-in: Transparency, human oversight, and control at every step.

Hyperproof AI doesn’t just “assist,” it orchestrates AI agents to discover, validate, advise, and act, with humans in the loop.

Hyperproof believes GRC can be a growth driver. That’s why they're excited to introduce Hyperproof AI, an end-to-end AI-powered GRC platform, now in early access.

Learn more: https://thn.news/ai-compliance-boost

🚨 Two major cyberattacks exposed:

• ComicForm is phishing Belarus, Kazakhstan & Russia with fake “PDF” EXEs to drop Formbook & steal creds.

• SectorJ149 is hitting South Korea’s manufacturing sector with Formbook, Lumma Stealer & Remcos RAT.

Full details → https://thehackernews.com/2025/09/comicform-and-sectorj149-hackers-deploy.html

➡️ UPDATE: Iran-linked hackers level up: Nimbus Manticore now mirrors Subtle Snail tactics—using MiniJunk & MiniBrowse malware to hit defense and telecoms in Denmark, Sweden & Portugal.

Full story → https://thehackernews.com/2025/09/unc1549-hacks-34-devices-in-11-telecom.html

🚨 42% of top banks and insurers suffered severe DDoS damage this year—despite bigger budgets.

💸 85% increased spending, yet only 5% trust their defenses.

Spending more ≠ safer.

Here’s the reality check ↓ https://thehackernews.com/expert-insights/2025/09/the-state-of-ddos-defenses-unpacking.html

🚨 Chinese hackers are hijacking legit websites to poison Google results.

Experts uncovered Operation Rewrite: a BadIIS malware campaign targeting East & Southeast Asia—redirecting search traffic to scam sites and even planting web shells for deeper breaches.

Read → https://thehackernews.com/2025/09/badiis-malware-spreads-via-seo.html

🚨 GitHub is tightening npm security after a worm called Shai-Hulud spread through hundreds of packages and tried to steal secrets.

— Old tokens will be removed
— 2FA will be required
— New “trusted publishing” proves where each package came from

Full story → https://thehackernews.com/2025/09/github-mandates-2fa-and-short-lived.html

🚨 New DDoS-for-hire threat: ShadowV2

Hackers are renting out a botnet that hijacks misconfigured AWS Docker servers—using a Go-based RAT and Python C2 on GitHub Codespaces—to launch massive HTTP/2 “Rapid Reset” attacks and even bypass Cloudflare protections.

Read → https://thehackernews.com/2025/09/shadowv2-botnet-exploits-misconfigured.html

Wells Fargo cut 23% of staff, BofA dropped 88k, Verizon says headcount keeps falling—while 86% of breaches use stolen creds and take 292 days to contain.

Lean teams = $11M+ per secret leak.

Here’s what CISOs need to know ↓ https://thehackernews.com/2025/09/lean-teams-higher-stakes-why-cisos-must.html

🚨 Critical flaw in SolarWinds Web Help Desk (CVE-2025-26399, CVSS 9.8) lets attackers run code without logging in.

This is the third patch attempt—after two previous “fixes” were bypassed.

Admins: update to 12.8.7 HF1 now.

Full story → https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html