The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol ( MCP ) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score: 7.5), is a command injection bug stemming from the unsanitized use of user input, opening the door to a scenario where an attacker can send arbitrary system commands. "The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.)," according to a GitHub advisory for the flaw. "Successful exploitation can lead to remote code execution under the server process's privileges." Given that the Framelink Figma MCP server exposes various tools to perform operations in Figma using artificial intelligence (AI)-powered coding agents like Cursor, an attacker co...

Artificial intelligence is reshaping cybersecurity on both sides of the battlefield. Cybercriminals are using AI-powered tools to accelerate and automate attacks at a scale defenders have never faced before. Security teams are overwhelmed by an explosion of vulnerability data, tool outputs, and alerts, all while operating with finite human resources. The irony is that while AI has become a dominant theme in cybersecurity, many enterprises still struggle to apply it effectively within their programs.  The problem isn't access to information, as teams already have more data than they can process. It's cutting through the noise and focusing on what truly matters. AI is crucial here. Not only can it make security teams more efficient, it can generate insights that would be impossible to gather at scale or in real time without machine assistance. If adversaries are already weaponizing AI, then defenders must embed it into their strategies as well or risk falling further behind in a fi...

OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator also used several ChatGPT accounts to prototype and troubleshoot technical components that enable post‑exploitation and credential theft. "These accounts appear to be affiliated with Russian-speaking criminal groups, as we observed them posting evidence of their activities in a Telegram channel dedicated to those actors," OpenAI said. The AI company said while its large language models (LLMs) refused the threat actor's direct requests to produce malicious content, they worked around the limitation by creating building-block code, which was then assembled to create the workflows. Some of the produced output invo...

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. "The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents," Aryaka Threat Research Labs researchers Aditya K Sood and Varadharajan K said in a report shared with The Hacker News. "When opened, these lures trigger the infection chain of a Go-based malware." The attack chains, per the cybersecurity company, leverage ZIP archives containing decoy PDF documents along with malicious shortcut (LNK) or executable files that are masked as PDF to trick users into opening them. When launched, the LNK file runs an embedded PowerShell script that reaches out to an external server to download a lure document, a PDF for a marketing job at Marriott. The PowerShell script al...

Google's DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. The efforts add to the company's ongoing efforts to improve AI-powered vulnerability discovery, such as Big Sleep and OSS-Fuzz . DeepMind said the AI agent is designed to be both reactive and proactive, by fixing new vulnerabilities as soon as they are spotted as well as rewriting and securing existing codebases with an aim to eliminate whole classes of vulnerabilities in the process. "By automatically creating and applying high-quality security patches, CodeMender's AI-powered agent helps developers and maintainers focus on what they do best — building good software," DeepMind researchers Raluca Ada Popa and Four Flynn said . "Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source proje...

For years, security leaders have treated artificial intelligence as an "emerging" technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single largest uncontrolled channel for corporate data exfiltration—bigger than shadow SaaS or unmanaged file sharing. The findings, drawn from real-world enterprise browsing telemetry, reveal a counterintuitive truth: the problem with AI in enterprises isn't tomorrow's unknowns, it's today's everyday workflows. Sensitive data is already flowing into ChatGPT, Claude, and Copilot at staggering rates, mostly through unmanaged accounts and invisible copy/paste channels. Traditional DLP tools—built for sanctioned, file-based environments—aren't even looking in the right direction. From "Emerging" to Essential in Record Time In just two years, AI tool...

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. "XWorm's modular design is built around a core client and an array of specialized components known as plugins," Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis published last week. "These plugins are essentially additional payloads designed to carry out specific harmful actions once the core malware is active." XWorm, first observed in 2022 and linked to a threat actor named EvilCoder, is a Swiss Army knife of malware that can facilitate data theft, keylogging, screen capture, persistence, and even ransomware operations. It's primarily propagated via phishing emails and bogus sites advertising malicious ScreenConnect installers. Some of the other tools advertised by the developer include a .NET-based malware builder, a remote access trojan called XBinder, a...

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. "An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution," according to a GitHub advisory for the issue. "The problem exists in all versions of Redis with Lua scripting." However, for exploitation to be successful, it requires an attacker to first gain authenticated access to a Redis instance, making it crucial that users don't leave their Redis instances exposed to the internet and secure them with strong authentication. The issue impacts all versions of Redis. It has been addressed in versions 6.2.20, 7.2.11, 7.4.6, 8.0.4, and 8.2.2 released on October 3, 2025. As tempor...

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could result in command injection without authentication. It was addressed in version 7.8.4, or the Sustain Release 7.6.3. "The vulnerability could allow a threat actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection and potential remote code execution (RCE)," the Microsoft Threat Intelligence team said . According to the tech giant, Storm-1175 is a cybercriminal group known for deploying Medusa ransomware and exploiting public-facing applications for initial access. Exploitation activity related to CVE-2025-10035 is said to have been detected in multiple organizations on September 11, 2025. It...

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p ), and that the first known exploitation occurred on August 9, 2025. The malicious activity involves the exploitation of CVE-2025-61882 (CVSS score: 9.8), a critical vulnerability that facilitates remote code execution without authentication. The cybersecurity company also noted that it's currently not known how a Telegram channel "insinuating" collaboration between Scattered Spider, LAPSUS$ (aka Slippy Spider), and ShinyHunters came into the possession of an exploit for the flaw, and if they and other threat actors have leveraged it in real-world attacks. The Telegram channel has been observed sharing the purported Oracle EBS exploit, while criticizing Graceful Spider's tactics. It's worth noting that the binaries dropped by the Cl0p actors contain...

A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations, which is known to share links with the MSS, according to Recorded Future. The names of the four individuals include Wu Shizhong, He Dequan, You Xingang, and Zhou Linna. "BIETA and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), research, develop, import, and sell technologies that almost certainly support intelligence, counterintelligence, military, and other missions relevant to China's national development and security," the company said in a report shared with The Hacker News. "Their activities include researching methods of steganography that can likely support covert communications (COVCOM) a...

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today's security landscape. Whether you're defending systems or just keeping up, these highlights help you spot what's coming before it lands on your screen. ⚡ Threat of the Week Oracle 0-Day Under Attack — Threat actors with ties to the Cl0p ransomware group have exploited a zero-day flaw in E-Business Suite to facilitate data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component. In a post shared on LinkedIn, Charles Carmakal, CTO of Mandiant at Google Cloud, said "Cl0p exploited multiple vulnerabilities in Ora...

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM (AI Security Posture Management) solutions have gained traction to secure AI pipelines, sensitive data assets, and the overall AI ecosystem. These solutions help organizations identify risks, control security policies, and protect data and algorithms critical to their operations.  However, not all AI-SPM tools are created equal. When evaluating potential solutions, organizations often struggle to pinpoint which questions to ask to make an informed decision. To help you navigate this complex space, here are five critical questions every organization should ask when selecting an AI-SPM solution: 1: Does the solution offer comprehensive visibility and control over AI and associated data risk? With the proliferation of AI models across enterprises, m...

Oracle has released an emergency update to address a critical security flaw in its E-Business Suite software that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password," Oracle said in an advisory. "If successfully exploited, this vulnerability may result in remote code execution." In a separate alert, Oracle's Chief Security Officer Rob Duhart said the company has released fixes for CVE-2025-61882 to "provide updates against additional potential exploitation that were discovered during our investigation." As indicators of compromise...

Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data.  The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand, Vietnam, Canada, and Brazil, spanning universities, tech firms, and telecom providers. The group was first discovered in April 2025. The targets are primarily mobile users, encompassing both Android and Apple iPhone devices. UAT-8099 is the latest China-linked actor to engage in SEO fraud for financial gain. As recently as last month, ESET revealed details of another threat actor named GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam with a malicious IIS module codenamed Gamshen to facilitate SEO fraud. "UAT-809...

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files, resulting in arbitrary code execution. "When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a <details> tag," according to a description of the flaw in the NIST National Vulnerability Database (NVD). "This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's acco...

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection attack plays out in the form of a malicious link that, when clicked, triggers the unexpected behavior unbeknownst to the victims. "CometJacking shows how a single, weaponized URL can quietly flip an AI browser from a trusted co-pilot to an insider threat," Michelle Levy, Head of Security Research at LayerX, said in a statement shared with The Hacker News. "This isn't just about stealing data; it's about hijacking the agent that already has the keys. Our research proves that trivial obfuscation can bypass data exfiltration checks and pull email, calendar, and connector data off-box in one click. AI-native browsers need security-by-design for agent...

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a massive spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highest level recorded in the last three months. It described the traffic as targeted and structured, and aimed primarily at Palo Alto login portals. As many as 1,300 unique IP addresses have participated in the effort, a significant jump from around 200 unique IP addresses observed before. Of these IP addresses, 93% are classified as suspicious and 7% as malicious. The vast majority of the IP addresses are geolocated to the U.S., with smaller clusters detected in the U.K., the Netherlands, Canada, and Russia. "This Palo Alto surge shares characteristics with Cisco ASA scanning occurring in the past 48 hours," GreyNoise noted. "In both cases, the scanners exhibited regional clu...

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has been tracking Detour Dog since August 2023, when GoDaddy-owned Sucuri disclosed details of attacks targeting WordPress sites to embed malicious JavaScript that used DNS TXT records as a communication channel for a traffic distribution system (TDS), redirecting site visitors to sketchy sites and malware. Traces of the threat actor date back to February 2020. "While traditionally these redirects led to scams, the malware has evolved recently to execute remote content through the DNS-based command-and-control (C2) system," Infoblox said . "We are tracking the threat actor who controls this malware as Detour Dog." Det...

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. "Rhadamanthys was initially promoted through posts on cybercrime forums, but soon it became clear that the author had a more ambitious plan to connect with potential customers and build visibility," Check Point researcher Aleksandra "Hasherezade" Doniec said in a new report. First advertised by a threat actor named kingcrete2022, Rhadamanthys has emerged as one of the most popular information stealers available under a malware-as-a-service (MaaS) model alongside Lumma, Vidar, StealC, and, more recently, Acreed. The current version of the stealer is 0.9.2. Over the years, the stealer's capabilities have extended far beyond simple data collection, representing a comprehensive threat to ...