The Hacker News

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.
The Hacker News

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is ...
The Hacker News

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant tracks FIN11’s high-volume extortion emails exploiting Oracle E-Business Suite, possibly linked to Cl0p.
The Hacker News

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

The ProSpy campaign, discovered in June 2025, is believed to have been ongoing since 2024, leveraging deceptive websites ...
The Hacker News

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Automated workflows accelerate pentest delivery, cut delays, and ensure real-time vulnerability remediation visibility.
The Hacker News

Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

AI-only workflows risk fragility and compliance issues—learn secure, explainable automation in this Tines webinar.
The Hacker News

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

SGX is designed as a hardware feature in Intel server processors that allows applications to be run in a Trusted Execution ...
The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...
The Hacker News

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

Bitdefender's 2025 Cybersecurity Assessment Report paints a sobering picture of today's cyber defense landscape: mounting ...
The Hacker News

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Phantom Taurus' modus operandi also stands out due to the use of custom-developed tools and techniques rarely observed in the ...
The Hacker News

New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

Battering RAM compromises Intel's Software Guard Extensions ( SGX) and AMD's Secure Encrypted Virtualization with Secure ...
The Hacker News

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial ...