The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.
The Hacker News

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Cybersecurity company Imperva, which discovered and reported the problem in July 2025, described CVE-2025-53967 as a "design ...
The Hacker News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web ...
The Hacker News

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote ...
The Hacker News

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

This Halloween, The Hacker News and Specops Software invite you to a live webinar: " Cybersecurity Nightmares: Tales from the ...
The Hacker News

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once ...
The Hacker News

Identity and AI Threats: Developing an Access Management Defence-in-Depth Strategy

AI-driven threats are redefining identity security, demanding smarter authentication and preemptive defense strategies.
The Hacker News

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google’s DeepMind unveils CodeMender, an AI agent that auto-fixes code vulnerabilities and enhances software security.
The Hacker News

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

The executable is a Golang malware dubbed Vampire Bot that can profile the infected host, steal a wide range of information, ...
The Hacker News

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.
The Hacker News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm V6.0 is designed to connect to its C2 server at 94.159.113 [.]64 on port 4411 and supports a command called "plugin" to ...
The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, ...