News

The Hacker News4h

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Fox-IT said ThemeForestRAT shares similarities with a malware codenamed RomeoGolf that was put to use by the Lazarus Group in ...
The Hacker News1h

Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control

MystRodX backdoor, active since Jan 2024, uses encrypted payloads and DNS/ICMP triggers for stealthy C2 control.
The Hacker News12h

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Silver Fox exploited a Microsoft-signed WatchDog driver in May 2025 to bypass defenses, deploy ValleyRAT, and enable fraud.
The Hacker News14h

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...
The Hacker News7h

Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

FDN3 brute-force attacks peaked July 6–8, 2025, tied to Seychelles bulletproof hosts enabling ransomware entry.
The Hacker News9h

Shadow AI Discovery: A Critical Part of Enterprise AI Governance

The path forward is to govern it intelligently, rather than block it. Shadow AI discovery gives CISOs the visibility they need to protect sensitive data, meet regulatory requirements, and empower ...
The Hacker News21h

Webinar: Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook

Get Everyone on the Same Page: See how linking code risks to cloud behavior creates a simple shared plan. Dev, ops, and security teams can finally team up, cut the noise, and speed up feedback.