News

The Hacker News4h
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 ...
The Hacker News4h
China's Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen ...
The Hacker News11h
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
Critical NVIDIA vulnerability CVE-2025-23266 impacts 37% of cloud services, allowing privilege escalation and data tampering.
The Hacker News11h
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
APT28 targets Ukrainian government officials with a phishing campaign delivering LAMEHUG malware, utilizing Alibaba Cloud’s ...
The Hacker News12h
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
"The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open ...
The Hacker News12h
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
This article discusses why IT leaders must think beyond backup and embrace cyber resilience to survive and thrive in the ...
The Hacker News18h
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
A new attack uses CVE-2021-41773 in Apache HTTP Server to install a cryptocurrency miner via compromised websites.
The Hacker News4h
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
CVE-2025-0282 is a critical security flaw in ICS that could permit unauthenticated remote code execution. It was addressed by Ivanti in early January 2025. CVE-2025-22457, patched in April 2025, ...