The Hacker News

🚨 10 fake npm packages (~9.9K installs) hid a cross-platform info stealer. It spawns a fake terminal, pulls a 24 MB payload from 195.133.79[.]43, and drains keyrings — not just browser creds. Instant access to email, cloud, VPNs, and prod DBs. Read details ↓ https://thehackernews.com/2025/10/10-npm-packages-caught-stealing.html

🚨 CISA confirmed ACTIVE exploitation of new flaws in Dassault Systèmes’ DELMIA Apriso and XWiki. One lets any guest run code. Another gives full admin access. Hackers are already dropping crypto miners. Agencies have until Nov 18 to patch ↓ https://thehackernews.com/2025/10/active-exploits-hit-dassault-and-xwiki.html

🔥 Researchers just broke Intel & AMD’s newest “secure” enclaves — again. A sub-$1K hardware rig can steal attestation keys from fully patched systems running SGX, TDX, and SEV-SNP with Ciphertext Hiding. Even constant-time crypto and DDR5 encryption couldn’t stop it. Learn how TEE-Fail cracks open AI and confidential VMs ↓ https://thehackernews.com/2025/10/new-teefail-side-channel-attack.html

🚨 New Android Trojan ‘Herodotus’ is on the move. It’s hitting phones in 🇮🇹 Italy & 🇧🇷 Brazil — stealing 2FA codes, logins, even lock PINs — and typing like a human to slip past fraud detection. 🔗 Read full report → https://thehackernews.com/2025/10/new-android-trojan-herodotus-outsmarts.html

🚨 North Korea–linked BlueNoroff is running two active campaigns — GhostCall & GhostHire — into 2025. GhostCall fakes Zoom/Teams meetings to drop malware via bogus SDK “updates.” GhostHire targets Web3 devs on Telegram with booby-trapped GitHub tests. Full report ↓ https://thehackernews.com/2025/10/researchers-expose-ghostcall-and.html

AI-driven attacks move faster than humans can react. The real risk? Teams flying blind. ANYRUN flips the script — predicting attacks before they strike. 99% unique IOCs. Zero lag. Full context. Early detection turns panic into power → https://thehackernews.com/2025/10/why-early-threat-detection-is-must-for.html

AI-driven attacks move faster than humans can react. The real risk? Teams flying blind. ANYRUN flips the script — predicting attacks before they strike. 99% unique IOCs. Zero lag. Full context. Early detection turns panic into power → https://thehackernews.com/2025/10/why-early-threat-detection-is-must-for.html

Google Workspace isn’t secure by default. Many startups operate with open sharing, broad app access, and limited oversight. The risk? It often looks completely normal. See how lean teams are locking it down → https://thehackernews.com/2025/10/is-your-google-workspace-as-secure-as.html

⚠️ ALERT: A Chrome zero-day (CVE-2025-2783) was exploited to deliver spyware built by Memento Labs — the firm behind past government surveillance tools. One click in Chromium = full sandbox escape. Read this → https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html

⚠️ SideWinder hackers strike again. A European embassy in New Delhi was hit using fake Adobe Reader updates and signed apps to sneak in StealerBot malware — stealing passwords, screenshots, and files. Other targets: Sri Lanka, Pakistan, and Bangladesh. Full report ↓ https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html

⚡ Security and speed shouldn’t be enemies. But when AI agents multiply faster than controls can keep up, most orgs fall into firefighting mode. Join our live session to see how forward-thinking teams are: ✅ Governing thousands of AI agents automatically ✅ Embedding security guardrails that scale ✅ Shipping AI features faster — and safer Live webinar: Learn how to scale AI securely, without compromise → https://thehacker.news/securing-ai-adoption

⚠️ WARNING: X users with security keys (like YubiKeys) must re-enroll 2FA by Nov 10, 2025 — or get locked out. The update moves keys from twitter[.]com to x[.]com as Twitter’s domain is retired. Details ↓ https://thehackernews.com/2025/10/x-warns-users-with-security-keys-to-re.html