The Hacker News

⚠️ Holiday shopping means hacker season. Bots hit hardest around Black Friday & Christmas. Reused passwords = easy targets. Block breached logins + secure vendor accounts now. 🔗 Read ↓ https://lnkd.in/eHJAggJN

💥 USB drives spreading crypto miners. 💰 Fake investment sites busted. 🐀 CastleRAT creeping through networks. ⚖️ Portugal shields ethical hackers. 💸 Ransomware payouts falling fast. That’s this week’s cybersecurity snapshot — and it’s a wild one. Get the full stories, latest tools, and expert webinars in the latest recap.

⚠️ Three new Android threats just dropped: • FvncBot – fake “mBank” app that logs keys, streams screens, and steals banking data. • SeedSnatcher – spreads via Telegram to steal crypto seed phrases and 2FA codes. • ClayRat – upgraded spyware faking YouTube & taxi apps for full device control. All abuse Android’s accessibility features. 🔗 Read here ↓ https://lnkd.in/g6xu8nuU

⚠️ Hackers are exploiting a bug in the Sneeit Framework plugin (CVE-2025-6389) to run code on servers and create admin accounts on WordPress sites. ⚠️ Separately, a flaw in ICTBroadcast (CVE-2025-2611) lets attackers use the BROADCAST cookie for unauthenticated remote shell access on exposed hosts. 🔗 Read ↓ https://lnkd.in/g7hgmHgr

⚠️ Iran’s MuddyWater hackers are using a new backdoor called "UDPGangster" that hides in fake “election seminar” Word files. It only runs after checking if your computer is real — not a sandbox — then steals data over UDP to dodge detection. 🔗 Read → https://lnkd.in/gFbHfxQt

🛑 Over 30 security flaws found in AI-powered coding tools like Copilot, Cursor, and Zed — letting hackers steal data or run malicious code without you doing a thing. Researchers are calling it “IDEsaster.” 🔗 Details here → https://lnkd.in/gdbQg8Vd

CISA added the new 10.0-rated React RCE flaw (CVE-2025-55182) to its exploited list. 🕒 Exploited within hours by Chinese hackers. 💥 Affects Next.js, React Router, Vite, Waku & more. 💰 Some attacks dropped crypto-miners & stole AWS creds. 🔗 Read: https://lnkd.in/giF2md_4

🚨 WARNING: A new attack can trick Perplexity’s Comet browser into deleting your Google Drive. Just one normal-looking email with hidden cleanup instructions can make the AI agent erase real files — no exploit, no warning. 🔗 Details here → https://lnkd.in/gMfTC83V

🔒 Android can now warn you mid-call if a scammer’s trying to trick you. The new in-call scam protection just rolled out in the U.S. for Cash App and JPMorgan Chase users — after pilots in the U.K., Brazil, and India. It pauses the screen share for 30 seconds to help you hang up before losing money. 🔗 Read ↓ https://lnkd.in/gRYtgKtF

🧩 57% of SMBs say cybersecurity is a top priority — yet they still turn down MSPs. ➡ The issue isn’t interest. It’s confusion. ➡ They’re tired of jargon, fear, and hard selling. “Getting to Yes” helps MSPs explain security in plain business terms — and win trust. 👉 Cynomi's guide explains how it’s done → https://lnkd.in/gxJFKg_T