News

The Hacker News17h
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading ...
The Hacker News13h
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages
Void Blizzard targeted over 20 NGOs using credential phishing via fake Entra logins, exfiltrating sensitive cloud data.
The Hacker News15h
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets
The ZIP archive ("BitDefender.zip") contains an executable called "StoreInstaller.exe," which includes malware configurations ...
The Hacker News12h
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...
The Hacker News19h
Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth's Stealth Phishing Campaign
Luna Moth uses spoofed IT domains and callback phishing to access law firm data, bypassing detection with legitimate tools.
The Hacker News22h
Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents
TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.
The Hacker News17h
Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware
Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools ...
The Hacker News1d
CISO's Guide To Web Privacy Validation And Why It's Important
Download the full CISO's guide here. Website Privacy Validation tools shift privacy from reactive to proactive by ...
The Hacker News1d
Zscaler ThreatLabz 2025 Phishing Report: Phishing Evolves With GenAI
The Zscaler ThreatLabz 2025 Phishing Report dives deep into the rapidly evolving phishing landscape and uncovers the latest ...
The Hacker News4d
SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
SafeLine WAF delivers 99.45% threat detection via semantic analysis + full self-hosted control + zero subscription fees.
The Hacker News1d
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
Latrodectus malware evades detection with ClickFix technique; TikTok and fake Ledger apps expand threat reach.
The Hacker News5d
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
CISA, which added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog in late April 2025, said it's continuing to ...