The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
The Hacker News

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

GrayBravo drives four CastleLoader threat clusters using phishing, malvertising, and Booking-themed lures across multiple ...
The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...
The Hacker News

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Sophos reports STAC6565 targeting nearly 40 victims, with 80% of attacks hitting Canadian firms and involving QWCrypt ...
The Hacker News

Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats

Chrome adds new layered defenses to block prompt injections, restrict origin access, and prevent unsafe AI actions.
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
The Hacker News

How to Streamline Zero Trust Using the Shared Signals Framework

Zero Trust workflows strengthened as Tines converts Kolide device issues into SSF-compliant CAEP events for Okta.