Category: Uncategorized
-

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail [email protected] (The Hacker News)
Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as…
-

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites [email protected] (The Hacker News)
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within…
-

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks [email protected] (The Hacker News)
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). “These include arbitrary kernel memory mapping andRead…
-

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices [email protected] (The Hacker News)
The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country. To that end, the watchdog said it’s probing how the ByteDance-owned video-sharing service uses the personal data of…
-

⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists [email protected] (The Hacker News)
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that…
-

The New Ransomware Groups Shaking Up 2025 [email protected] (The Hacker News)
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of…
-
What is cyberstalking and how to prevent it?
Post ContentRead More
-

Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries [email protected] (The Hacker News)
Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of 1,590,299 on January 19, 2025, spanning 226…
-

Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language [email protected] (The Hacker News)
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights necessary to operate Firefox. This includes processing…
-

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone [email protected] (The Hacker News)
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international…
