The Hacker News

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Amazon reports a new AWS crypto mining campaign abusing IAM credentials, ECS, EC2, and termination protection for persistence ...
The Hacker News

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

A fake NuGet package mimicking Tracer.Fody stayed online for years, stealing Stratis wallet files and passwords from Windows ...
The Hacker News

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

React2Shell vulnerability CVE-2025-55182 is actively exploited to deploy Linux malware, run commands, and steal cloud ...
The Hacker News

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Attackers are exploiting two CVSS 9.8 FortiGate SSO authentication bypass flaws days after disclosure; Fortinet urges ...
The Hacker News

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon reports a GRU-linked APT44 campaign from 2021–2025 targeting energy and critical infrastructure using misconfigured ...
The Hacker News

Why Data Security and Privacy Need to Start in Code

Proactive Sensitive Data Leak Detection. Embed privacy across all stages in development, from IDE environments, with ...
The Hacker News

Google to Shut Down Dark Web Monitoring Tool in February 2026

Google will shut down its Dark Web Report in February 2026, ending breach scans and deleting user data to refocus on ...
The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
The Hacker News

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats

A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt ...
The Hacker News

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Researchers report phishing emails in Russia using ISO attachments to deploy Phantom Stealer against finance and related ...
The Hacker News

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

VolkLocker uses AES-256 in Galois/Counter Mode ( GCM) for encryption through Golang's "crypto/rand" package. Every encrypted ...
The Hacker News

A Browser Extension Risk Guide After the ShadyPanda Campaign

Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.