News

The Hacker News3h
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...
The Hacker News10h
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to ...
The Hacker News10h
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
CVE-2025-32433 in Erlang SSH scores 10.0 CVSS, enables unauthenticated code execution on telecom and IoT systems.
The Hacker News10h
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The flaw is assessed to be a variant of CVE-2024-43451 (CVSS score: 6.5), which was patched by Microsoft in November 2024 and ...
The Hacker News1d
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Smishing kits by Wang Duo Yu enabled toll fraud in 8 U.S. states since Oct 2024, stealing user data via fake E-ZPass pages.
The Hacker News1d
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
In case of a .NET executable, the encrypted embedded payload – an Agent Tesla variant suspected to be Snake Keylogger or ...
The Hacker News1d
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
XorDDoS is a well-known malware that has a track record of striking Linux systems for over a decade. In May 2022, Microsoft ...
The Hacker News1d
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
Capping off the new additions to the Mustang Panda's malware arsenal is SplatCloak, a Windows kernel driver deployed by ...
The Hacker News1d
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
ClickFix malware tactic used by Iran, Russia, and North Korea from Nov 2024–Feb 2025 replaces payload delivery in major ...
The Hacker News2d
Artificial Intelligence – What's all the fuss?
In mid October 2024, our "World Watch" security intelligence capability published an advisory that summarized the use of AI ...
The Hacker News2d
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps ...
The Hacker News2d
Blockchain Offers Security Benefits – But Don't Neglect Your Passwords
Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions. Its security benefits stem ...