The Hacker News
Kanalga Telegramβda oβtish
β Official THN Telegram Channel β A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. π¨ Contact: admin@thehackernews.com π Website: https://thehackernews.com
Ko'proq ko'rsatish2025 yil raqamlarda
153 612
Obunachilar
+9424 soatlar
+3767 kunlar
+1 46330 kunlar
Postlar arxiv
Photo unavailableShow in Telegram
β οΈ Holiday shopping means hacker season.
Bots hit hardest around Black Friday & Christmas.
Reused passwords = easy targets.
Block breached logins + secure vendor accounts now.
π Read β https://thehackernews.com/2025/12/how-can-retailers-cyber-prepare-for.html
β‘ 11
Photo unavailableShow in Telegram
β οΈ Three new Android threats just dropped:
β’ FvncBot β fake βmBankβ app that logs keys, streams screens, and steals banking data.
β’ SeedSnatcher β spreads via Telegram to steal crypto seed phrases and 2FA codes.
β’ ClayRat β upgraded spyware faking YouTube & taxi apps for full device control.
All abuse Androidβs accessibility features.
π Read here β https://thehackernews.com/2025/12/android-malware-fvncbot-seedsnatcher.html
π₯ 13π 4π€― 4π 3π 2
Photo unavailableShow in Telegram
β οΈ Hackers are exploiting a bug in the Sneeit Framework plugin (CVE-2025-6389) to run code on servers and create admin accounts on WordPress sites.
β οΈ Separately, a flaw in ICTBroadcast (CVE-2025-2611) lets attackers use the BROADCAST cookie for unauthenticated remote shell access on exposed hosts.
π Read β https://thehackernews.com/2025/12/sneeit-wordpress-rce-exploited-in-wild.html
π€ 10π 3π± 2
Photo unavailableShow in Telegram
β οΈ Iranβs MuddyWater hackers are using a new backdoor called "UDPGangster" that hides in fake βelection seminarβ Word files.
It only runs after checking if your computer is real β not a sandbox β then steals data over UDP to dodge detection.
π Read β https://thehackernews.com/2025/12/muddywater-deploys-udpgangster-backdoor.html
π 17π₯ 11π€― 8β‘ 4π 4π€ 2
Photo unavailableShow in Telegram
π Over 30 security flaws found in AI-powered coding tools like Copilot, Cursor, and Zed β letting hackers steal data or run malicious code without you doing a thing.
Researchers are calling it βIDEsaster.β
π Details here β https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html
π 32π 15π€― 12π₯ 1
Photo unavailableShow in Telegram
CISA added the new 10.0-rated React RCE flaw (CVE-2025-55182) to its exploited list.
π Exploited within hours by Chinese hackers.
π₯ Affects Next.js, React Router, Vite, Waku & more.
π° Some attacks dropped crypto-miners & stole AWS creds.
π Read: https://thehackernews.com/2025/12/critical-react2shell-flaw-added-to-cisa.html
π₯ 19π 11π 4π 4π€― 2
Photo unavailableShow in Telegram
π¨ WARNING: A new attack can trick Perplexityβs Comet browser into deleting your Google Drive.
Just one normal-looking email with hidden cleanup instructions can make the AI agent erase real files β no exploit, no warning.
π Details here β https://thehackernews.com/2025/12/zero-click-agentic-browser-attack-can.html
π€― 23π 14π₯ 8
Photo unavailableShow in Telegram
𧩠57% of SMBs say cybersecurity is a top priority β yet they still turn down MSPs.
β‘ The issue isnβt interest. Itβs confusion.
β‘ Theyβre tired of jargon, fear, and hard selling.
βGetting to Yesβ helps MSPs explain security in plain business terms β and win trust.
π See how itβs done β https://thehackernews.com/2025/12/getting-to-yes-anti-sales-guide-for-msps.html
π 4
Photo unavailableShow in Telegram
π¨ Critical Apache Tika flaw (CVE-2025-66516) just dropped β CVSS 10.0.
A single fake PDF can trigger an XXE attack, letting hackers read server files or run code.
π Read β https://thehackernews.com/2025/12/critical-xxe-bug-cve-2025-66516-cvss.html
Update to v3.2.2 now.
π₯ 13π€ 5π± 1
Photo unavailableShow in Telegram
β οΈ Within HOURS of disclosure, two China-linked hacking groups weaponized a critical React flaw (CVE-2025-55182).
Theyβre already scanning the web for unpatched apps.
Update to React 19.0.1+ now.
π Read β https://thehackernews.com/2025/12/chinese-hackers-have-started-exploiting.html
π€― 7π₯ 4
Photo unavailableShow in Telegram
π¨ A lawyer in Pakistan was hacked with Predator β the first known spyware attack on a civil society member.
It started with a link on WhatsApp, but new leaks show Predator can also spread through ads β no click needed.
It can read chats, record audio, take photos β and Intellexa may still access customer systems remotely.
π Read β https://thehackernews.com/2025/12/intellexa-leaks-reveal-zero-days-and.html
π 9π± 5π₯ 2π 1
Photo unavailableShow in Telegram
π¨ CISA just warned about a new Chinese state-backed hack tool called BRICKSTORM β a backdoor found in VMware and Windows systems used by U.S. government and tech networks.
It can reinstall itself if removed, hide in normal traffic, and give hackers full remote control.
πRead β https://thehackernews.com/2025/12/cisa-reports-prc-hackers-using.html
π€― 20π₯ 6π 3π 2
Photo unavailableShow in Telegram
β οΈ Hackers are exploiting a command injection bug in Array Networks AG Series gateways β active since August 2025.
It lets attackers run any command on systems using βDesktopDirectβ remote access.
π Details β https://thehackernews.com/2025/12/jpcert-confirms-active-command.html
π₯ 9π 4π 3
Photo unavailableShow in Telegram
π¨ A fake Microsoft Teams installer is spreading malware in China.
Hackers called "Silver Fox" made it look like a Russian attack to hide their tracks.
It installs ValleyRAT, giving full remote access to victims.
π Read: https://thehackernews.com/2025/12/silver-fox-uses-fake-microsoft-teams.html
π 14π₯ 12
Photo unavailableShow in Telegram
π¨ AI tools are now running inside your browser β reading data, following hidden prompts, and moving info across tabs.
IT canβt see it. Security canβt stop it.
Seraphic Securityβs Suresh Batchu calls this the next big blind spot: Shadow AI in the enterprise browser.
π Read β https://thehackernews.com/expert-insights/2025/12/shadow-ai-in-browser-next-enterprise.html
π€― 13π 6π€ 3π 2
Photo unavailableShow in Telegram
βοΈ Hackers faking airport Wi-Fi.
π» Malware hiding inside coding tools.
π€ AI rewriting security playbooks.
Thatβs just the start β and 15+ more stories inside.
π° This weekβs ThreatsDay Bulletin uncovers the sneakiest hacks, scams, and βtoo-smartβ malware out there.
π Catch up before they catch you β https://thehackernews.com/2025/12/threatsday-bulletin-wi-fi-hack-npm-worm.html
π 9π€ 4
Photo unavailableShow in Telegram
π€π₯ AI-built code just broke web security in 2025.
One bug in a βvibe codingβ platform let anyone access private apps β no login needed.
β οΈ 45% of AI-written code had exploitable flaws.
π’ Even big firms like Wix had to patch fast.
The fix? Treat all AI code as untrusted.
π Read here β https://thehackernews.com/2025/12/5-threats-that-reshaped-web-security.html
π 10π€― 8β‘ 4π 1
Photo unavailableShow in Telegram
π¨ Thousands hacked after downloading what looked like βofficialβ government apps.
They were fake versions of real banking apps, modified by hackers from GoldFactory to include malware.
So far, over 11,000 phones in Southeast Asia have been infected.
π Details β https://thehackernews.com/2025/12/goldfactory-hits-southeast-asia-with.html
π€― 14π 5π₯ 3π 2
Photo unavailableShow in Telegram
π¨ Cloudflare just stopped the largest DDoS attack ever β a 29.7 Tbps strike from the AISURU botnet that used up to 4 million hacked devices.
It hit 15,000 ports every second for 69 seconds before being blocked.
π Details: https://thehackernews.com/2025/12/record-297-tbps-ddos-attack-linked-to.html
π₯ 37π± 13π 8π 7
Photo unavailableShow in Telegram
β οΈ URGENT: A 10.0-severity bug just hit React Server Components and Next.js.
It lets anyone run code on your server β even without logging in.
π Details β https://thehackernews.com/2025/12/critical-rsc-bugs-in-react-and-nextjs.html
βοΈ Fix: update to patched versions now.
π 12π€― 7π 5π± 3β‘ 2
