The Hacker News

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

MuddyWater launched RustyWater, a Rust-based RAT, via spear-phishing Word macros targeting Middle East organizations.
The Hacker News

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

CISA has closed 10 emergency cybersecurity directives issued between 2019 and 2024 after required actions were completed and ...
The Hacker News

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol says 34 Black Axe members were arrested in Spain, linked to €5.93 million in fraud and other organized crimes.
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...
The Hacker News

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & ...
The Hacker News

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian-linked APT28 ran credential-harvesting attacks in 2025 using fake Microsoft, Google, and VPN login pages, PDF lures, ...
The Hacker News

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS 9.8 that allows remote code ...
The Hacker News

ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

Weekly cybersecurity roundup covering exploited vulnerabilities, malware campaigns, legal actions, and nation-state attacks ...
The Hacker News

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

Cisco Talos reports China-linked UAT-7290 spying on telecoms since 2022 using Linux malware, edge exploits, and ORB ...
The Hacker News

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Astaroth banking malware is spreading in Brazil through WhatsApp messages, using ZIP files to steal contacts and banking ...
The Hacker News

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances | Read more hacking news on The ...
The Hacker News

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco released updates for a medium-severity ISE and Snort 3 flaws, including CVE-2026-20029 with a public PoC, and reports ...