News

The Hacker News2d

U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions

U.S. sanctions Garantex, successor Grinex, after $100M illicit crypto flow fuels ransomware and sanctions evasion.
The Hacker News1d

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

ERMAC was first documented by ThreatFabric in September 2021, detailing its ability to conduct overlay attacks against ...
The Hacker News1d

Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware

EncryptHub exploits CVE-2025-26633 with social engineering and rogue MSC files, delivering Fickle Stealer malware.
The Hacker News2d

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation ...
The Hacker News2d

Zero Trust + AI: Privacy in the Age of Agentic AI

Because once an agent becomes adaptive and semi-autonomous, privacy isn't just about who has access to the data; it's about ...
The Hacker News3d

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Defend against PhantomCard, SpyBanker, and KernelSU exploits—secure banking, block NFC fraud, and stop Android malware today.
The Hacker News4d

Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

Researchers found 35 Docker Hub images, including Debian builds, still carrying the XZ Utils backdoor a year later, ...
The Hacker News1d

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

UAT-7237 exploits unpatched Taiwan servers using SoundBill, Cobalt Strike, and SoftEther VPN for persistent control.
The Hacker News3d

Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon's Reach to Linux and macOS

The bespoke Cobalt Strike Beacon loader has been codenamed ReadNimeLoader. CrossC2, an unofficial Beacon and builder, is ...
The Hacker News3d

Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses

The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South ...
The Hacker News3d

New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks

MadeYouReset exploit bypasses HTTP/2 Rapid Reset mitigations, affecting major servers and enabling large-scale DoS attacks.
The Hacker News4d

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in ...