The Hacker News5h
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Fake Chrome sites spread ValleyRAT via DLL hijacking, targeting finance and sales with keylogging and remote execution.
The Hacker News5h
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware extortion fell to $813.5M in 2024 from $1.25B in 2023, despite a 15% attack surge, with law enforcement disrupting ...
The Hacker News7h
Top 3 Ransomware Threats Active in 2025
LockBit, Lynx, and Virlock dominate 2025 ransomware threats, targeting businesses with double extortion, data breaches, and ...
The Hacker News8h
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
SparkCat malware infects 242,000 Android devices, using OCR to steal crypto wallet phrases, marking the first iOS stealer on Apple’s App Store.
The Hacker News8h
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
PAM market to reach $42.96B by 2037. Learn how PAM boosts security, compliance, and efficiency amid evolving cyber threats.
The Hacker News8h
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
Kimsuky, a North Korean APT, uses LNK files and forceCopy malware to steal browser-stored credentials via phishing attacks, ...
The Hacker News9h
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
Cisco has patched two critical ISE vulnerabilities (CVEs 2025-20124, 2025-20125) allowing remote command execution and ...
The Hacker News15h
Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform
Microsoft patched a critical SSRF flaw in Power Platform's SharePoint connector, risking credential theft and data breaches ...
The Hacker News16h
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Google’s February 2025 update patches 47 Android flaws, including CVE-2024-53104, exploited in the wild, and CVE-2024-45569 ...
The Hacker News16h
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
Hackers deliver AsyncRAT using Dropbox URLs and TryCloudflare tunnels, exploiting legitimate services to bypass security ...
The Hacker News1d
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
Lazarus Group targets job seekers via fake LinkedIn offers, delivering malware that steals crypto wallet data.
The Hacker News1d
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
Seqrite Labs said it observed some level of tactical overlaps between the threat actor and YoroTrooper (aka SturgeonPhisher), ...