[email protected] The Hacker News

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

[email protected] The Hacker News September 8, 2025

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For...

You Didn’t Get Phished — You Onboarded the Attacker

You Didn’t Get Phished — You Onboarded the Attacker

[email protected] The Hacker News September 8, 2025

When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t...

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign

[email protected] The Hacker News September 6, 2025

A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting...

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

[email protected] The Hacker News September 6, 2025

Sep 06, 2025Ravie LakshmananSoftware Security / Cryptocurrency A new set of four malicious packages have been discovered...

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

[email protected] The Hacker News September 5, 2025

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25,...

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

[email protected] The Hacker News September 5, 2025

The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote...

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

[email protected] The Hacker News September 5, 2025

Sep 05, 2025Ravie LakshmananVulnerability / Enterprise Security A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource...

Automation Is Redefining Pentest Delivery

Automation Is Redefining Pentest Delivery

[email protected] The Hacker News September 5, 2025

Sep 05, 2025The Hacker NewsPentesting / Security Operations Pentesting remains one of the most effective ways to...

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

[email protected] The Hacker News September 5, 2025

Sep 05, 2025Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have flagged a new malware campaign that has leveraged...

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

[email protected] The Hacker News September 4, 2025

Sep 04, 2025Ravie LakshmananCybersecurity / Malware The Russian state-sponsored hacking group tracked as APT28 has been attributed...