News

The Hacker News5h
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Supply chain attack infects 16 GlueStack npm packages used by 1M weekly users, enabling malware that steals data and controls ...
The Hacker News5h
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
A phishing campaign infects 722 users with malicious browser extensions in Latin America to steal bank login data.
The Hacker News1d
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
A new malware campaign tricks macOS users with fake Spectrum CAPTCHA sites to steal passwords and deliver Atomic Stealer ...
The Hacker News2d
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
PathWiper malware hit Ukraine’s critical systems in 2025, wiping data via admin console access and worsening conflict-driven ...
The Hacker News2d
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
AEV automates continuous attack simulations for organizations, helping prioritize exploitable risks and improve cyber ...
The Hacker News3d
Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands
New findings reveal Bitter, an Indian-aligned threat group targeting governments via spear-phishing and advanced malware ...
The Hacker News2d
Empower Users and Protect Against GenAI Data Loss
The Zscaler ThreatLabz team has been tracking AI and machine learning (ML) traffic across enterprises, and the numbers tell a ...
The Hacker News2d
Fake Docusign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Fake Gitcode and DocuSign sites are tricking users into running PowerShell scripts that install NetSupport RAT.
The Hacker News3d
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco patches critical ISE flaw affecting AWS, Azure, OCI users—unauthenticated access could expose sensitive systems.
The Hacker News3d
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and ...
The Hacker News6d
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, ...
The Hacker News4d
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce ...