AI-augmented actor breached 600+ FortiGate devices in 55 countries using weak credentials and exposed ports, Amazon reports.

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based remote device control.

DOJ indicts two ex-Google engineers and a spouse for allegedly stealing Tensor trade secrets, sending hundreds of files to ...

Massiv Android trojan hides in fake IPTV apps, enabling remote device control, credential theft, and fraudulent banking ...

FBI reports 1,900 ATM jackpotting cases since 2020, with $40.73M lost to Ploutus malware bypassing bank authorization.

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for ...

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software ...

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent information technology (IT) worker scheme.

Insurers tighten cyber underwriting as identity risks grow; breach costs hit $4.4M and MFA gaps affect payouts.

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

ZeroDayRAT is a cross-platform mobile spyware sold on Telegram that enables live surveillance, OTP theft, and financial data ...