The Hacker News

⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Weekly cybersecurity recap covering emerging threats, fast-moving attacks, critical flaws, and key security developments you ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
The Hacker News

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Indian users face a cyber espionage campaign using tax phishing, Blackmoon malware, and abused SyncFuture TSM tools for ...
The Hacker News

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

AI-powered attacks are evading EDR via steganography, AV abuse, and automation, forcing a shift toward combined NDR and EDR ...
The Hacker News

OT Security, In Practice: 4 Cross‑Industry Trends from Global Assessments and How CISOs Should Respond

OT cyber incidents commonly start from IT gaps like weak remote access, identity reuse & poor recovery, enabling escalation into operational outages.
The Hacker News

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...
The Hacker News

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia ...
The Hacker News

Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

AI agents break traditional IAM by enabling delegated access, authorization bypass, and high-risk ownerless organizational ...
The Hacker News

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

ESET links Russia-backed Sandworm to a failed December 2025 cyberattack using DynoWiper malware against Poland’s power and renewable energy systems.
The Hacker News

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Researchers uncovered a two-stage phishing attack stealing email logins to install LogMeIn Resolve RMM for persistent, hidden ...
The Hacker News

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...