#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

data breach | Breaking Cybersecurity News | The Hacker News

Category — data breach
AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

Jan 10, 2025 Artificial Intelligence / Cybercrime
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date. "The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms," Check Point Research said in a new report shared with The Hacker News. "Notably, FunkSec demanded unusually low ransoms, sometimes as little as $10,000, and sold stolen data to third parties at reduced prices." FunkSec launched its data leak site (DLS) in December 2024 to "centralize" their ransomware operations, highlighting breach announcements, a custom tool to conduct distributed denial-of-service (DDoS) attacks, and a bespoke ransomware as part of a ransomware-as-a-service (RaaS) model. A majority of the victims are located in the U.S., India, Italy, Brazil, Israel, Spain, and Mongolia. Check Point's analysis of the group...
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

Jan 09, 2025 Data Privacy / GDPR
The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc's own data privacy regulations. The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the region. The court determined that a "sufficiently serious breach" was committed by transferring a German citizen's personal data, including their IP address and web browser metadata, to Meta's servers in the United States when visiting the now-inactive futureu.europa[.]eu website in March 2022. The individual registered for one of the events on the site by using the Commission's login service, which included an option to sign in using a Facebook account. "By means of the 'Sign in with Facebook' hyperlink displayed on the E.U. Login webpage, the Commission created the conditions for t...
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

Jan 07, 2025Cybersecurity / Endpoint Security
It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing threats. Much like a tribute to celebrities lost in the past year, this article will look back at a few of cybersecurity's brightest stars that went dark in the past year.  1. Legacy Multi-Factor Authentication (MFA) Cause of Death: Compromised by sophisticated phishing, man-in-the-middle (MitM), SIM-swapping, and MFA prompt bombing attacks. The superstar of access security for more than twenty years, legacy MFA solutions enjoyed broad adoption followed by almost-universal responsibility for cybersecurity failures leading to successful ransomware attacks. These outdated solutions relied heavily on SMS or email-based codes o...
Top 5 Malware Threats to Prepare Against in 2025

Top 5 Malware Threats to Prepare Against in 2025

Jan 08, 2025 Malware Analysis / Threat Intelligence
2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter right now. Lumma Lumma is a widely available malware designed to steal sensitive information. It has been openly sold on the Dark Web since 2022. This malware can effectively collect and exfiltrate data from targeted applications, including login credentials, financial information, and personal details. Lumma is regularly updated to enhance its capabilities. It can log detailed information from compromised systems, such as browsing history and cryptocurrency wallet data. It can be used to install other malicious software on infected devices. In 2024, Lumma was distributed through various methods...
cyber security

Secure Your Azure: Proactive Tips for Cloud Protection

websiteWizCloud Security
Discover how to boost your Azure cloud security with practical steps to help you maintain control and visibility.
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

Jan 06, 2025 Regulatory Compliance / Data Privacy
The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau (PIB) said in a statement released Sunday. "Citizens are empowered with rights to demand data erasure, appoint digital nominees, and access user-friendly mechanisms to manage their data." The rules, which seek to operationalize the Digital Personal Data Protection Act, 2023, also give citizens greater control over their data, providing them with options for giving informed consent to processing their information, as well as the right to erase with digital platforms and address grievances. Companies operating in India are further required to implement security measures, such as encryption, access control, and data backups, to safeguard personal data, and ensure its c...
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

Jan 06, 2025
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive into the hidden risks, surprising loopholes, and the clever tricks cybercriminals are using to outsmart the systems we depend on. Stay with us as we unpack what's happening behind the screen and how you can stay one step ahead. ⚡ Threat of the Week Dozens of Google Chrome Extensions Caught Stealing Sensitive Data — The challenges with securing the software supply chain reared once again after about three dozen extensions were found surreptitiously siphoning sensitive data from roughly 2.6 million devices for several months as part of two related campaigns. The compromises came to light after data loss prevention service Cyberhaven revealed that its browser extens...
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Jan 06, 2025 SaaS Security / Threat Detection
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024 ). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout players, unexpected underdogs, and relentless scorers leaving their mark on the SaaS security playing field.  As we enter 2025, security teams must prioritize SaaS security risk assessments to uncover vulnerabilities, adopt SSPM tools for continuous monitoring, and proactively defend their systems. Here are the Cyber Threat All-Stars to watch out for—the MVPs, rising stars, and master strategists who shaped the game. 1. ShinyHunters: The Most Valuable Player Playstyle: Precision Shots (Cybercriminal Organization) Biggest Wins: Snowflake, Ticketmaster and Authy Notable Drama: Exploited on...
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Jan 04, 2025 Malware / VPN Security
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google's Mandiant Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT , which had its source code publicly leaked in 2008. PLAYFULGHOST's initial access pathways include the use of phishing emails bearing code of conduct-related lures or search engine optimization (SEO) poisoning techniques to distribute trojanized versions of legitimate VPN apps like LetsVPN. "In one phishing case, the infection begins by tricking the victim into opening a malicious RAR archive disguised as an image file by using a .jpg extension," the company said . "When extracted and executed by the victim, the archive drops a malicious Windows executable, which eventually dow...
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents

Dec 31, 2024 Vulnerability / Incident Response
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.  "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users," the department said in a letter informing the Senate Committee on Banking, Housing, and Urban Affairs. "With access to the stolen key, the threat actor was able to override the service's security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users." The federal agency said it has been working with the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (...
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions

Dec 30, 2024 Browser Security / GenAI Security
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure (LayerX, one of the companies involved in protecting against malicious extensions is offering a complimentary service to audit and remediate organizations' exposure - to sign-up click here ). While this is not the first attack to target browser extensions, the scope and sophistication of this campaign are a significant step up in terms of the threats posed by browser extensions and the risks they pose to organizations. Now that details of the attack have been publicized, users and organizations need to assess their risk exposure to this attack and to browser extensions in general. This article is aimed at helping organizations understand t...
Expert Insights / Articles Videos
Cybersecurity Resources