Privacy | Breaking Cybersecurity News | The Hacker News

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week's findings show how that shrinking margin of safety is redrawing the threat landscape. Here's what's making headlines. Hijack Loader expands its reach in Latin America LATAM Targeted by PureHVNC Phishing emails containing SVG file attachments targeting Colombian, Spanish-speaking individuals with themes relating to the Attorney General's office of Colombia have been used to deliver PureHVNC RAT . "The emails entice the user to download an 'official document' from the judicial information system, which starts the infection chain of executing a Hijack Loader executable that leads to the PureHVNC Remote Access Trojan (RAT)," IBM X-Force said . The activity w...

Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment , either using their existing security key or enrolling a new one, by November 10, 2025. "After November 10, if you haven't re-enrolled a security key, your account will be locked until you: re-enroll; choose a different 2FA method; or elect not to use 2FA (but we always recommend you use 2FA to protect your account!)," the company's Safety handle wrote in a post on X. The move is part of the company's efforts to formally retire the twitter[.]com domain. Twitter, which was acquired by SpaceX and Tesla CEO Elon Musk in October 2022, was rebranded to X in July 2023. In a follow-up post, X noted that the change does not apply to users who have enrolled for 2FA using other methods, such...

Criminals don't need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you're already a target. This week's ThreatsDay highlights show exactly how those weak points are being exploited — from overlooked misconfigurations to sophisticated new attack chains that turn ordinary tools into powerful entry points. Lumma Stealer Stumbles After Doxxing Drama Decline in Lumma Stealer Activity After Doxxing Campaign The activity of the Lumma Stealer (aka Water Kurita) information stealer has witnessed a "sudden drop" since last months after the identities of five alleged core group members were exposed as part of what's said to be an aggressive underground exposure campaign dubbed Lumma Rats since late August 2025. The targeted individuals are affiliated with the malware's development and administ...

Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like bank details or verification codes. On Messenger, users can opt to enable a setting called "Scam detection" by navigating to Privacy & safety settings. Once it's turned on, users are alerted when they receive a potentially suspicious message from an unknown connection that may contain signs of a scam. "Because detection happens on your device, chats with end-to-end encryption stay secure," Meta said in a support document. "If you're notified that a chat may contain signs of a scam, we'll ask if you'd like to send recent messages you received to AI review. Messages that are shared with AI are no longer end-...

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don't always break systems anymore — they use them. They hide inside trusted apps, copy real websites, and trick people into giving up control without even knowing it. It's no longer just about stealing data — it's about power, money, and control over how people live and communicate. This week's ThreatsDay issue looks at how that battle is unfolding — where criminals are getting smarter, where defenses are failing, and what that means for anyone living in a connected world. Crypto empire built on slavery Historic Operation Targets SE Asian Scam Networks with $15B Seizure The U.S. government has seized $15 billion (approximately 127,271 bitcoin) worth of cryptocurrency assets from one of the world's largest operators ...

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface. This edition of ThreatsDay Bulletin explores these converging risks and the safeguards that help preserve trust in an increasingly intelligent threat landscape. How Threat Actors Abuse Microsoft Teams Attackers Abuse Microsoft Teams for Extortion, Social Engineering, and Financial Theft Microsoft detailed the various ways threat actors can abuse its Teams chat software at various stages of the attack chain, even using it to support financial theft through extortion, social engineering, or technical means. " Octo Tempest has used communication apps, including Teams, to send taunting and threatening messages to organizations, defenders, and incident response teams as p...

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It's about trust. And trust, by definition, is about what happens when you're not looking. Agentic AI — AI that perceives, decides, and acts on behalf of others — isn't theoretical anymore. It's routing our traffic, recommending our treatments, managing our portfolios, and negotiating our digital identity across platforms. These agents don't just handle sensitive data — they interpret it. They make assumptions, act on partial signals, and evolve based on feedback loops. In essence, they build internal models not just of the world, but of us. And that should give us pause. Because once an agent becomes adaptive and semi-autonomous, privacy isn't just about who has access to the data; it's about what the ag...

Most security tools can't see what happens inside the browser, but that's where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust. The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions examines this choice across nine "rounds": adoption, data protection, BYOD, productivity, management overhead, remote access, Zero Trust alignment, supply-chain security, and future-readiness, to show where each approach excels, and where trade-offs emerge. Each round uses practical, enterprise scenarios to compare the two models, making it easier to see not just what they can do, but how they perform at scale. The Browser Is Now the Workspace The browser has become the primary workspace for enterprise users. It is where sensitive data is created, accessed, and moved through copy/paste action...

The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications. These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in an exhaustive analysis shared with The Hacker News. "They released apps under several developer names, including HolaCode, LocoMind, Hugmi, Klover Group, and AlphaScale Media," the company said . "Available in the Google Play and Apple store, these have been downloaded millions of times in aggregate." These fake apps, once installed, deceive users into signing up for subscriptions that are difficult to cancel, flood them with ads, and part with personal information like email addresses. It's worth noting that LocoMind was previously flagged by Cyjax as part of a phish...

Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed to be a successor of MFSocket , is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd. , which was formerly known as Meiya Pico. It specializes in the research, development, and sale of electronic data forensics and network information security technology products. According to a report published by Lookout, Massistant works in conjunction with a corresponding desktop software, allowing for access to the device's GPS location data, SMS messages, images, audio, contacts, and phone services. "Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel," security resear...