The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.
The Hacker News

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Cybersecurity company Imperva, which discovered and reported the problem in July 2025, described CVE-2025-53967 as a "design ...
The Hacker News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web ...
The Hacker News

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote ...
The Hacker News

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

This Halloween, The Hacker News and Specops Software invite you to a live webinar: " Cybersecurity Nightmares: Tales from the ...
The Hacker News

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once ...
The Hacker News

Identity and AI Threats: Developing an Access Management Defence-in-Depth Strategy

AI-driven threats are redefining identity security, demanding smarter authentication and preemptive defense strategies.