The Hacker News
Open in Telegram
β Official THN Telegram Channel β A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. π¨ Contact: admin@thehackernews.com π Website: https://thehackernews.com
Show more2025 year in numbers
153 666
Subscribers
+4924 hours
+3847 days
+1 47630 days
Posts Archive
Photo unavailableShow in Telegram
π₯ OpenAI just launched an AI #cybersecurity researcher.
It finds bugs, proves theyβre real, and patches them β all by itself.
Powered by GPT-5, itβs already discovered 10 vulnerabilities.
The age of autonomous bug hunters starts now β https://thehackernews.com/2025/10/openai-unveils-aardvark-gpt-5-agent.html
β‘ 27π± 15π₯ 10π 9π 5π€ 4π 1
Photo unavailableShow in Telegram
Nation-state hackers built Airstalk, a new malware abusing VMware Workspace ONEβs MDM API as a covert C2 channel.
Signed with a stolen cert, itβs exfiltrating browser data from BPO networks.
Full analysis β https://thehackernews.com/2025/10/nation-state-hackers-deploy-new.html
π 14π 3π€― 3
Photo unavailableShow in Telegram
π¨ China-backed hackers exploited an unpatched Windows shortcut bug to breach European diplomats.
UNC6384 used fake βEU Commissionβ and NATO meeting invites to plant PlugX malware (CVE-2025-9491) β still unpatched by Microsoft.
Full story β https://thehackernews.com/2025/10/china-linked-hackers-exploit-windows.html
π± 16π 7π 2π€― 1
Photo unavailableShow in Telegram
β οΈ Chinese hackers are exploiting a critical 9.3 CVE (CVE-2025-61932) in Motex Lanscope Endpoint Manager.
It lets them run SYSTEM-level commands and plant a Gokcpdoor backdoor with new multiplexed C2 channels.
Active attacks confirmed β https://thehackernews.com/2025/10/china-linked-tick-group-exploits.html
π 16π± 4β‘ 1π€― 1
Photo unavailableShow in Telegram
Most MSPs are walking straight into a trap.
Clients now expect enterprise-level cybersecurity β but many providers are still selling basic IT support.
The result? Lost clients, slower growth, and higher risk exposure.
Is your MSP ready to lead with security? β https://thehackernews.com/2025/10/the-msp-cybersecurity-readiness-guide.html
π 9
Photo unavailableShow in Telegram
CISA and NSA just issued a warning:
Exchange servers are still getting hacked. Now a new WSUS flaw (CVE-2025-59287) lets attackers run code remotely.
Even patched systems arenβt fully safe.
If you manage Exchange or WSUS, read this β https://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html
β‘ 17π± 4π 1π 1
Photo unavailableShow in Telegram
A Mac app just bypassed macOS permission checks β silently turning on the mic and camera.
ThreatLockerβs new Device Access Control (DAC) for macOS, now in Beta, flags hidden risks like unencrypted drives, SMBv1, and weak sharing settings β before attackers can exploit them.
Learn more β https://thehackernews.com/2025/10/a-new-security-layer-for-macos-takes.html
π₯ 11π 6
Photo unavailableShow in Telegram
Developers accidentally leaked VS Code tokens β letting attackers publish fake extensions.
Eclipse has revoked the tokens and added new safeguards after a campaign dubbed βGlassWorm.β
Read β https://thehackernews.com/2025/10/eclipse-foundation-revokes-leaked-open.html
π₯ 9π 7π 1
Photo unavailableShow in Telegram
CISA added a new VMware zero-day to its KEV list.
CVE-2025-41244 (CVSS 7.8) lets local users on VMs with VMware Tools + Aria Operations gain root access.
Exploited since Oct 2024 by China-linked UNC5174.
Patch released last month β https://thehackernews.com/2025/10/cisa-flags-vmware-zero-day-exploited-by.html
π 11π 2
Photo unavailableShow in Telegram
π Google says it blocks over 10 billion scam calls and messages every month.
But scammers have adapted β theyβve gone social.
Now they send fake job offers in group chats, even adding fake βfriendsβ to make it look real.
The new scam tactic most experts overlooked β https://thehackernews.com/2025/10/googles-built-in-ai-defenses-on-android.html
π 22π€ 14π 4π₯ 3
Photo unavailableShow in Telegram
π₯ A tool built for defenders is now arming attackers.
AdaptixC2 β an open-source C2 in Golang β was made for red teams.
Now, Russian ransomware gangs use it in fake Microsoft Teams help-desk scams.
Details β https://thehackernews.com/2025/10/russian-ransomware-gangs-weaponize-open.html
π€― 9π€ 4π₯ 3
Photo unavailableShow in Telegram
β οΈ βPatch everythingβ is dead.
At the BAS Summit, CISOs said it straight β not every vuln matters, only the exploitable ones do.
Breach simulation shows where you bleed, not where scanners scream.
Proof beats panic. Read how BAS powers real defense β https://thehackernews.com/2025/10/the-death-of-security-checkbox-bas-is.html
π₯ 5
Photo unavailableShow in Telegram
π¨ A single line of JavaScript can crash any Chromium browser.
Researcher Jose Pino calls it Brash β it abuses how document.title handles rapid updates.
24 million title changes per second = instant crash.
Still unpatched. Details β https://thehackernews.com/2025/10/new-brash-exploit-crashes-chromium.html
π₯ 11π 7π€― 7
Photo unavailableShow in Telegram
β‘ Cybercrime just got quieter, cheaper, and a lot more precise.
π₯ DNS flaws exploited
π₯ Rust binaries hiding payloads
π₯ Supply-chain heists rising
π₯ New RATs everywhere
Your weekly ThreatsDay recap has it all β https://thehackernews.com/2025/10/threatsday-bulletin-dns-poisoning-flaw.html
π 11π 4β‘ 2π 2π₯ 1
Photo unavailableShow in Telegram
π¨ PhantomRaven hit the npm registry β 126 malicious packages, 86K+ installs, stealing npm tokens, GitHub creds, and CI/CD secrets.
They hide malware in remote dynamic dependencies that show 0 deps, so scanners miss them.
Details β https://thehackernews.com/2025/10/phantomraven-malware-found-in-126-npm.html
π€― 11π₯ 3π 1
Photo unavailableShow in Telegram
π¨ PHP servers are under attack.
Mirai, Mozi, and Gafgyt botnets are exploiting old CVEs to hijack WordPress and Craft CMS sites.
Some break-ins start from leftover PhpStorm debug sessions still running in production.
Check if yours is exposed β https://thehackernews.com/2025/10/experts-reports-sharp-increase-in.html
π 11π₯ 2π 2π 1
Photo unavailableShow in Telegram
β οΈ AI browsers like ChatGPT Atlas and Perplexity Comet can be tricked into using fake data.
A new exploit β βAI-targeted cloakingβ β lets attackers show one version of a page to humans and another to AI crawlers.
Same old SEO trick.
New weapon: misinformation at scale.
Read how it works β https://thehackernews.com/2025/10/new-ai-targeted-cloaking-attack-tricks.html
π 15π 1
Photo unavailableShow in Telegram
β‘ Your AI-driven compliance might already be non-compliant.
Regulators arenβt ready β but you can be.
Join the live session Nov 3 to uncover hidden risks and real fixes.
Register free β https://thehackernews.com/2025/10/discover-practical-ai-tactics-for-grc.html
π 8
Photo unavailableShow in Telegram
π΄ The next big breach wonβt start with a stolen password.
Itβll come from your own AI.
Agentic AIs are the new βconfused deputiesβ β doing what attackers tell them, with the access you gave them.
The scariest part? You trained the threat β https://thehackernews.com/2025/10/preparing-for-digital-battlefield-of.html
π€― 7π 5π 3π₯ 1
Photo unavailableShow in Telegram
π¨ Russian hackers breached Ukrainian networks β no malware needed.
They hijacked Windows tools (PowerShell, RDPClip, OpenSSH) to steal data and stay hidden for months.
Real fileless persistence β living in memory, invisible to AV.
Learn how they did it & how to detect it β https://thehackernews.com/2025/10/russian-hackers-target-ukrainian.html
π€― 18π₯ 8π 8π 1
