News from the economy, politics and the financial markets
In this section of our news section we provide you with editorial content from leading publishers.
TRENDING
Latest news
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including
Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.
"The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years," Endor Labs
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries.
The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit trusted brands like E-ZPass and USPS to
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware.
"This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –
[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR
Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind.
But what if there was a smarter way to stay ahead—without adding more work or stress?
Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack
Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active
Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack
Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild.
Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, 11 information disclosure, three
Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud.
The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not
WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.
The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of initial infection.
"
CISO's Expert Guide To AI Supply Chain Attacks
AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations.
Download the full CISO’s expert guide to AI Supply chain attacks here.
TL;DR
AI-enabled supply chain attacks are exploding in scale and sophistication - Malicious package uploads to open-source repositories jumped 156% in
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories.
"We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish
Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers
Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.
According to its seller, the malware enables device control and espionage, allowing threat actors to collect SMS messages, contacts, call logs, images, and videos, as well as intercept, reply,
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature
Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform.
The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads.
The
Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon
The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control.
"Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs," the Genians
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.
But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast
New Browser Security Report Reveals Emerging Threats for Enterprises
According to the new Browser Security Report 2025, security leaders are discovering that most identity, SaaS, and AI-related risks converge in a single place, the user’s browser. Yet traditional controls like DLP, EDR, and SSE still operate one layer too low.
What’s emerging isn’t just a blindspot. It’s a parallel threat surface: unmanaged extensions acting like supply chain implants, GenAI
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware
Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying malware like PureRAT.
"The attacker's modus operandi involved using a compromised email account to send malicious messages to multiple hotel establishments," Sekoia said. "This campaign
GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs
Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code (VS Code) ecosystem.
The extensions in question, which are still available for download, are listed below -
ai-driven-dev.ai-driven-dev (3,402 downloads)
adhamu.history-in-sublime-merge (4,057
Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances.
This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to
Showing 121 to 140 of 584 entries
