The Hacker News

AI is powering a new wave of cyberattacks — and identity is the #1 target. From deepfakes to account takeovers, attackers are moving faster than ever. ?? Watch these free webinars and learn: ? Real-world AI threats businesses are facing now ? How identity is being exploited in modern attacks ? Practical steps to harden your defenses—today Designed for IT & security teams who need to act fast. Reserve your spot now →

?? New Android threat spotted: Crocodilus malware is targeting users in Spain and Turkey, posing as Google Chrome to hijack phones. ? Bypasses Android 13+ protections ? Abuses Accessibility to steal credentials ? Records screen & key actions ? Remotely controls the device ? Hides with black screen overlays ?? Targets banks + crypto wallets ?? Learn how it works: https://lnkd.in/g8a7Gt8U

?? Hackers got hacked. BlackLock, a top ransomware gang in 2025, just got owned—by threat hunters who found a fatal flaw in their infrastructure. exposing... ?? Real IPs behind their hidden servers ?? Command history showing OPSEC fails ?? Credentials, configs, and MEGA storage accounts used for exfil ?? Turns out, DragonForce—another ransomware crew—also hacked BlackLock’s site last week, leaking internal chats and configs. Read: https://lnkd.in/gegpMrz6

Organizations are shifting their GRC (Governance, Risk, and Compliance) strategies from reactive to proactive. Hyperproof’s 6th annual IT Risk and Compliance Benchmark Report reveals that 91% of companies now have centralized GRC teams, and 72% plan to grow their compliance teams in 2025. With rising regulatory demands, companies investing in risk management aren’t just avoiding fines—they’re driving operational excellence and strategic growth. Want to see where you stand? Use Hyperproof's new GRC Maturity Model (https://lnkd.in/g8fV4xuH) to assess your compliance readiness and make a business case for improvement. ?? Get the report here: https://lnkd.in/gTB94e_d

?? Hackers can now hijack solar power systems. 46 new bugs found in inverters from Sungrow, Growatt, and SMA. Attackers could shut down power, cause blackouts, or remotely control devices like a botnet. ?? One trick? Reset accounts to default password: 123456 ?? Details: https://lnkd.in/gZWcKsBT

?? New Malware Alert: CoffeeLoader is brewing trouble. This stealthy loader evades AV/EDR using GPU execution, sleep obfuscation, and call stack spoofing. It masquerades as ASUS Armoury Crate to slip in undetected, runs every 10 minutes, and delivers second-stage payloads via HTTPS—like Rhadamanthys. ?? Learn more: https://lnkd.in/g4f4PxcA

?? Backups are NOT business continuity. When disaster strikes, your data must be recoverable—fast. That’s why 50%+ of orgs plan to ditch basic backup in 2025. Datto BCDR offers a smarter path: tested backups, instant recovery, and a cloud built just for disasters. ?? Read how it works: https://lnkd.in/gAjZVyWd

?? “Let’s chat…” said the spy app. A fake chat app named SangaalLite secretly ran a nearly 2-year Android spyware campaign, targeting Taiwanese users with a military-grade malware called PJobRAT. ?? Disguised as chat apps like SangaalLite ???♀? Steals texts, photos, contacts, and more ?? Originally used romantic lures, now upgraded to run shell commands & hijack Firebase for stealthy control. ?? Dig deeper: https://lnkd.in/gXMMWjYt

?? Crypto devs, beware! Hackers hijacked 12+ popular npm packages—some live for 9+ years—to steal secrets like API keys & SSH tokens. Root cause? Likely old maintainer accounts compromised via leaked credentials. ?? Details: https://lnkd.in/gKNJTya3 ?? Rotate keys. Audit deps. Enforce 2FA.

?? Firefox users, update now! A critical bug (CVE-2025-2857) just got patched—same sandbox escape class as the Chrome zero-day (CVE-2025-2783) actively exploited in the wild. ?? Full story: https://lnkd.in/gsXKx4z4 ?? Patch now | Spread the word | Stay safe