The Hacker News

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

The ProSpy campaign, discovered in June 2025, is believed to have been ongoing since 2024, leveraging deceptive websites ...
The Hacker News

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is ...
The Hacker News

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.
The Hacker News

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant tracks FIN11’s high-volume extortion emails exploiting Oracle E-Business Suite, possibly linked to Cl0p.
The Hacker News

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

Confucius hackers target Pakistan with WooperStealer and Anondoor malware using phishing and DLL side-loading.
The Hacker News

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Automated workflows accelerate pentest delivery, cut delays, and ensure real-time vulnerability remediation visibility.
The Hacker News

How to Close Threat Detection Gaps: Your SOC's Action Plan

SOC teams looking to close detection gaps have found one approach that works: building detection as a continuous workflow, ...