The Hacker News

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
The Hacker News

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

FortiBleed targeted 430,000 FortiGate firewalls with sniffers and brute-force pipelines that identified over 110 million ...
The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
The Hacker News

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns

Symantec and Carbon Black link Mistic backdoor attacks to KongTuke, using ClickFix lures and in-memory execution for stealthy ...
The Hacker News

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

Law enforcement dismantled 326 servers and 142 domains tied to Amadey and StealC, recovering 27 million stolen credentials.
The Hacker News

Agentic AI: The Weapon That No Longer Needs a Warrior

Agentic AI is pushing offensive security beyond chatbots into autonomous recon, social engineering, exploit testing, and ...
The Hacker News

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

DoJ seized HuiOne cloud infrastructure as Treasury sanctioned Prince Group-linked entities over crypto fraud and money ...
The Hacker News

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

AIR says its fake AI skill passed scanner checks by using a mutable external link, exposing a blind spot in agent skill ...
The Hacker News

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff

Citizen Lab says Russian authorities used Cellebrite UFED on Andrey Pivovarov’s seized iPhone after Cellebrite’s 2021 Russia ...
The Hacker News

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...
The Hacker News

Surviving the Mythos Era: Richard Bejtlich on the Case for NDR

Corelight’s NDR Essentials explains how network evidence helps analysts validate alerts, hunt threats, and disrupt attacks.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.