🚨 New Android threat: RatOn

• Drains crypto wallets (MetaMask, Trust, Phantom)
• Hacks Czech bank app George Česko for auto-transfers
• Spreads via fake TikTok apps
• Can lock your phone with ransom screens

Active since July. Still evolving.

Details here → https://thehackernews.com/2025/09/raton-android-malware-detected-with-nfc.html

⚠️ Hackers just leveled up phishing.

Axios abuse in Microsoft 365 + Salty 2FA kits are bypassing MFA, hijacking session tokens, and stealing logins at scale.

Success rates? Up to 70%. The new playbook blurs legit vs fake traffic.

Here’s how it works ↓ https://thehackernews.com/2025/09/axios-abuse-and-salty-2fa-kits-fuel.html

🚨 SAP just patched three critical NetWeaver flaws that let attackers run code & upload files without limits.

One flaw scores 10/10 CVSS—full system compromise is possible.

Don’t wait—update now.

Full details → https://thehackernews.com/2025/09/sap-patches-critical-netweaver-cvss-up.html

🚨 Adobe just dropped a critical warning: a new Magento flaw, SessionReaper (CVE-2025-54236, 9.1/10), could let attackers hijack customer accounts via the REST API.

It’s one of the worst Magento vulnerabilities in years.

Merchants—patch immediately → https://thehackernews.com/2025/09/adobe-commerce-flaw-cve-2025-54236-lets.html

⚡ A new phishing kit called Salty2FA can steal your password and bypass 2FA codes — SMS, push, even voice.

It’s already hitting banks, energy, and telecoms across the US & Europe.

What’s happening + how to defend → https://thehackernews.com/2025/09/watch-out-for-salty2fa-new-phishing-kit.html

🚨 China-linked hackers posed as a U.S. Congressman—sending “urgent” emails with hidden malware to infiltrate U.S. agencies, trade groups, and law firms during tense trade talks.

Details here → https://thehackernews.com/2025/09/china-linked-apt41-hackers-target-us.html

🔥 Apple just gave the iPhone 17 a built-in shield against hackers.

A new feature called Memory Integrity Enforcement blocks the very exploits spyware depends on—buffer overflows, use-after-free bugs—without slowing performance.

🔒 This could be Apple’s biggest security upgrade in years.

Full story → https://thehackernews.com/2025/09/apple-iphone-air-and-iphone-17-feature.html

Microsoft just dropped a massive Patch Tuesday:

⚡ 80 flaws fixed — 8 critical

⚡ One already public: SMB bug (CVE-2025-55234) that opens the door to relay + MITM attacks

⚡ A 10.0 Azure flaw + NTLM bug that could hand over SYSTEM access

Patch now. Audit SMB.

Details → https://thehackernews.com/2025/09/microsoft-fixes-80-flaws-including-smb.html

🤖 AI is rewriting cybersecurity.

vCISO providers using automation cut their workload by 68% in just one year.

What used to take 13 hours now takes 3—freeing teams to move faster, serve more clients, and grow.

Details here ↓ https://thehackernews.com/2025/09/the-time-saving-guide-for-service.html

🚨 New malware alert: macOS backdoor CHILLYHELL and cross-platform RAT ZynorRAT discovered.

CHILLYHELL was Apple-notarized and linked to Ukrainian gov site attacks—Apple revoked its certs.

ZynorRAT hijacks Windows & Linux via Telegram, stealing files and taking screenshots.

Full details → https://thehackernews.com/2025/09/chillyhell-macos-backdoor-and-zynorrat.html

🛑 DDoS tests in a sandbox won’t save you.

The only way to know if your defenses hold? Test in production, target your critical assets, and retest until it breaks (or holds).

Your next outage might be hiding in what you didn’t test.

✅ Full guide → https://thehackernews.com/expert-insights/2025/09/how-to-get-most-out-of-your-ddos-testing.html

🤖 AI agents are taking over business operations—but they’re also creating new security threats. ⚠️

🛡️ Join Auth0’s Michelle Agroskin to learn how to secure AI, prevent data leaks, and stay ahead of attacks.

Save your spot now → https://thehacker.news/ai-agents-security

🚨 A Chinese hacking group just hit a Philippines military contractor with a new malware called EggStreme.

It doesn’t touch the disk—running entirely in memory—injects keyloggers, steals data, and moves across networks quietly.

Here’s what you need to know ↓ https://thehackernews.com/2025/09/chinese-apt-deploys-eggstreme-fileless.html

🚨 Hackers are hijacking ConnectWise ScreenConnect to secretly install AsyncRAT, a powerful remote access trojan.

Targets risk stolen passwords, crypto wallets, and keystrokes—all while the malware pretends to be a harmless “Skype Updater.”

Details ↓ https://thehackernews.com/2025/09/asyncrat-exploits-connectwise.html

⚠️ NEW SCAM ALERT! Fake browser extensions are hijacking Facebook & Instagram accounts.

Extensions promising the blue check or ad-boosting tools are secretly stealing cookies, credentials, and business accounts—then selling them on underground markets.

Read ↓ https://thehackernews.com/2025/09/fake-madgicx-plus-and-socialmetrics.html

⚠️ Companies are handing out admin-level access to randomly named “ephemeral” accounts—and then deleting them.

The result? Security teams have no idea who did what, leaving a massive blind spot for attackers.

Here’s how to fix it → https://thehackernews.com/expert-insights/2025/09/beyond-buzzwords-hidden-dangers-of.html

🚨 Akira ransomware is back — hammering SonicWall VPNs through a year-old flaw (CVE-2024-40766, CVSS 9.3).

One misstep in SonicWall’s LDAP “Default User Group” can hand attackers VPN + admin access the moment they steal a password.

Akira has already hit 967 victims and is surging again.

Check your configs. Fix it now.

Details here → https://thehackernews.com/2025/09/sonicwall-ssl-vpn-flaw-and.html

84% of company boards admit: cyber risk is a top business threat.

But here’s the kicker—only half actually understand it well enough to make smart decisions.

That disconnect puts revenue, growth, and even jobs on the line.

A new course is teaching CISOs how to finally bridge the boardroom gap ↓ https://thehackernews.com/2025/09/cracking-boardroom-code-helping-cisos.html

🚨 A U.S. Senator just accused Microsoft of gross cybersecurity negligence — saying it’s like an “arsonist selling firefighting services.”

A Bing click → ransomware → 5.6M patient records stolen.

All thanks to outdated defaults still in Windows.

Here’s what went down: https://thehackernews.com/2025/09/senator-wyden-urges-ftc-to-probe.html

Google just dropped a 🔥 update with the Pixel 10:

Your photos now come with cryptographic “nutrition labels” showing who made them, how, and even if AI was involved.

The Pixel Camera hit the highest security rating for this tech — a first for mobile.

Here’s why this matters ↓ https://thehackernews.com/2025/09/google-pixel-10-adds-c2pa-support-to.html

🚨 WARNING: Just opening the wrong repo in Cursor (the AI-powered VS Code fork) can secretly run code on your computer.

Why? Workspace Trust is off by default! A booby-trapped GitHub project = instant system compromise.

Here’s how it works (and how to stay safe) ↓ https://thehackernews.com/2025/09/cursor-ai-code-editor-flaw-enables.html