News

The Hacker News2h
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected ...
The Hacker News3h
The New Face of DDoS is Impacted by AI
DDoS attacks historically relied on volume and persistence. But if AI is embedded in the attacker's toolkit, the rules change ...
The Hacker News3h
Why SaaS AI Governance Should Be on Every CISO's Agenda
Regularly scan for any new AI services or features popping up in your SaaS environment, and evaluate any updates to vendors' ...
The Hacker News1d
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.
The Hacker News1d
New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...
The Hacker News2d
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
The Hacker News2d
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...
The Hacker News2d
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.
The Hacker News2d
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
The Hacker News3d
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
UNC4899 used job lures and cloud exploits to breach two firms, steal crypto, and embed malware in open source.
The Hacker News4d
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to ...
The Hacker News2d
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
The solution lies in fundamentally reimagining security data architecture around what AI models actually need to perform ...