A Chinese threat group, Salt Typhoon, has infiltrated major U.S. telecoms by exploiting CVE-2018-0171, a critical security flaw.

The attackers maintained access for over three years, showcasing their patience and sophistication.

Read more to learn: https://thehackernews.com/2025/02/cisco-confirms-salt-typhoon-exploited.html

AI-powered algorithms are changing the way we consume news, creating digital echo chambers.

One in five Americans now get their news from social media, fueling polarized viewpoints.

Read the full article to explore the rise of AI-driven misinformation: https://thehackernews.com/2025/02/ai-powered-deception-is-menace-to-our.html

Darcula v3 enables fraudsters to clone any website’s landing page with ease—no technical expertise required.

In just 10 minutes, attackers can create a phishing site with a brand’s exact look and feel, targeting unsuspecting users.

Read this article: https://thehackernews.com/2025/02/cybercriminals-can-now-clone-any-brands.html

A leaked data cache from Chinese cybersecurity firm TopSec reveals shocking details about its censorship-as-a-service offerings.

The leak reveals a "Cloud Monitoring Service" contract to detect and remove politically sensitive content.

Read: https://thehackernews.com/2025/02/data-leak-exposes-topsecs-role-in.html

Apple removes Advanced Data Protection (ADP) for iCloud in the U.K. following pressure from the government to build a backdoor into encrypted data.

This undermines end-to-end encryption and could set a dangerous precedent globally.

Read more: https://thehackernews.com/2025/02/apple-drops-iclouds-advanced-data.html

OpenAI has taken action against a network using ChatGPT to develop an AI-powered surveillance tool targeting anti-China protests.

The tool, believed to be linked to Chinese authorities, analyzes social media content from platforms like X, Facebook, and Reddit to gather real-time data.

Read the full article: https://thehackernews.com/2025/02/openai-bans-accounts-misusing-chatgpt.html

Over $1.46 billion worth of cryptocurrency was stolen from Bybit's Ethereum cold wallet in the largest crypto heist to date, reportedly orchestrated by the Lazarus Group.

The attack masked the signing interface, tricking the wallet into transferring funds to an unknown address.

Learn more: https://thehackernews.com/2025/02/bybit-confirms-record-breaking-146.html

Australia has banned Kaspersky software due to national security risks. The Australian government cites threats like foreign interference and espionage as reasons for the ban.

Read the full article: https://thehackernews.com/2025/02/australia-bans-kaspersky-software-over.html

Google Cloud introduces quantum-safe digital signatures in Cloud KMS, setting the stage for a future-proof encryption strategy.

This update addresses the quantum risk, aligning with NIST's post-quantum cryptography standards.

Read: https://thehackernews.com/2025/02/google-cloud-kms-adds-quantum-safe.html

⚠️ Ransomware doesn’t hit all at once—it unfolds in stages, beginning with subtle signs like deleted backups and escalated privileges. If you’re not monitoring early warning signs, it’s too late by the time encryption locks you out.

👉 Learn how continuous ransomware validation can help you detect threats early: https://thehackernews.com/2025/02/becoming-ransomware-ready-why.html

Cybersecurity experts are sounding alarms over a new wave of malware leveraging cracked software to spread information stealers like ACR Stealer.

ACR Stealer is using legitimate services like Telegram and Google Slides to hide its malicious command-and-control server.

Read the full story: https://thehackernews.com/2025/02/new-malware-campaign-uses-cracked.html

🛑 CISA has warned about two vulnerabilities: CVE-2017-3066 and CVE-2024-20953. Despite patches being available, they're flagged due to continued exploitation risks.

🔗 Read the full article: https://thehackernews.com/2025/02/two-actively-exploited-security-flaws.html

A new wave of phishing attacks has targeted industrial organizations across the APAC region, delivering the dangerous FatalRAT malware.

These attacks leverage legitimate cloud services like myqcloud and Youdao Cloud Notes to evade detection.

Read the full story: https://thehackernews.com/2025/02/fatalrat-phishing-attacks-target-apac.html

🚨 A cyber campaign using fake open-source projects on GitHub is stealing personal data and crypto assets.

Malicious tools disguised as game mods and automation scripts have already stolen 5 bitcoins (~$456,600).

Read the full article to learn how this attack works: https://thehackernews.com/2025/02/gitvenom-malware-steals-456k-in-bitcoin.html

🚨 Cyberattackers are using a vulnerable Windows driver to evade detection and deliver the Gh0st RAT malware.

Thousands of modified driver variants, including RogueKiller’s truesight.sys, are now actively bypassing defenses.

👉 Read the full article: https://thehackernews.com/2025/02/2500-truesightsys-driver-variants.html

A new malware campaign targets Belarusian activists and the Ukrainian military, using Excel files to deliver PicassoLoader.

The malicious Excel file tricks users into enabling obfuscated macros, which deploy a stealthy RAT and additional payloads.

Read the full article: https://thehackernews.com/2025/02/belarus-linked-ghostwriter-uses.html

Researchers uncover a revamped LightSpy spyware with over 100 commands, targeting Android, iOS, Windows, macOS, and platforms like Facebook and Instagram.

Explore the full details: https://thehackernews.com/2025/02/lightspy-expands-to-100-commands.html

🛑 Cybercriminals are using the ClickFix technique to spread the NetSupport RAT in 2025. Embedded in fake CAPTCHA pages, this RAT grants attackers full control, stealing sensitive data and spying in real-time.

Learn how this threat works and how to defend against it—read the full article: https://thehackernews.com/2025/02/5-active-malware-campaigns-in-q1-2025.html

🔐 CISA has just added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog—both actively exploited.

Hook: Microsoft Partner Center’s CVE-2024-49035 and Synacor ZCS’s CVE-2023-34192 are putting organizations at risk.

Read the full article: https://thehackernews.com/2025/02/cisa-adds-microsoft-and-zimbra-flaws-to.html

⚠️ A malicious Python package, automslc, has been flagged for bypassing Deezer's security to enable unauthorized music downloads.

With over 104,000 downloads, it exploits hardcoded credentials and external servers for illegal music piracy.

Read the full article: https://thehackernews.com/2025/02/malicious-pypi-package-automslc-enables.html

🚨 Ukraine’s CERT-UA warns of new cyberattacks targeting Notary of Ukraine operations with the DCRat remote access trojan.

Attackers gain access using RDPWRAPPER and steal data with tools like FIDDLER and XWorm.

Read the full article for more insights: https://thehackernews.com/2025/02/cert-ua-warns-of-uac-0173-attacks.html