#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Salesforce Security Handbook

Search results for prime disruption | Breaking Cybersecurity News | The Hacker News

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

Sep 25, 2025
The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations, multi-layered strategies, and a shift in target industries. Technology now overtakes gaming as the most attacked sector, while the financial services industry continues to face heightened risks. Key takeaways: the evolving DDoS landscape Here are five key insights from the Q1–Q2 2025 Gcore Radar report: Attack volumes are rising. Total attacks climbed from 969,000 in H2 2024 to 1.17 million in H1 2025, a 21% increase over the previous two quarters and 41% YoY growth. Attack size continues to grow. The peak attack of 2.2 Tbps demonstrates the increasing scale and destructive potential of modern DDoS campaigns. Attacks are becoming longer and more sophisticated. Extended durations and mu...
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

Aug 23, 2024 Ransomware / Data Breach
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report. The attack, detected in July 2024, involved infiltrating the target network via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA), with the threat actors conducting post-exploitation actions 18 days after initial access took place. "Once the attacker reached the domain controller in question, they edited the default domain policy to introduce a logon-based Group Policy Object (GPO) containing two items," researchers Lee Kirkpatrick, Paul Jacobs, Harshal Gosalia, and Robert Weiland said . The first of them is a PowerShell script named "IPScanner.ps1" that's desi...
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats

The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats

Jun 02, 2025 Threat Detection / OT Security
The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption, living-off-the-land techniques, and lateral movement to evade traditional defenses — security teams are finding more threats wreaking havoc before they can be detected. Even after an attack has been identified, it can be hard for security teams to prove to auditors that they have fully mitigated the issues that allowed the attackers in. Security teams worldwide have prioritized endpoint detection and response (EDR), which has become so effective that threat actors have changed their tactics to avoid attack vectors protected by host-based defenses. These advanced threats are particularly vexing for critical infrastructure providers in financial services , energy and utilities , transportation , and government agencies that may have proprietary systems that cannot be protected by traditional endpoint securi...
cyber security

CISO Best Practices Cheat Sheet: Cloud Edition

websiteWizCloud Security / Automation
Whether you're inheriting a cloud program, scaling multi-cloud or aligning with board goals, this cheat sheet helps drive measurable outcomes with proven frameworks & 90-day steps.
cyber security

Keeper Security recognized in the 2025 Gartner® Magic Quadrant™ for PAM

websiteKeeper SecurityPassword Security / Threat Detection
Access the full Magic Quadrant report and see how KeeperPAM compares to other leading PAM platforms.
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Sep 08, 2025 Cybersecurity / Hacking News
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it's knowing which risks matter most right now. That's what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed Salesforce data from some of the biggest names in tech. It's a sharp reminder of how fragile integrations can become the weak link in enterprise defenses. Alongside this, we'll also walk through several high-risk CVEs under active exploitation, the latest moves by advanced threat actors, and fresh insights on making security workflows smarter, not noisier. Each section is designed to give you the essentials—enough to stay informed and prepared, without getting lost in the noise. ⚡ Threat of the Week Salesloft to Take Drift Of...
⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

Jun 02, 2025 Cybersecurity / Hacking News
If this had been a security drill, someone would've said it went too far. But it wasn't a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren't just chasing hackers anymore—they're struggling to trust what their systems are telling them. The problem isn't too few alerts. It's too many, with no clear meaning. One thing is clear: if your defense still waits for obvious signs, you're not protecting anything. You're just watching it happen. This recap highlights the moments that mattered—and why they're worth your attention. ⚡ Threat of the Week APT41 Exploits Google Calendar for Command-and-Control — The Chinese state-sponsored threat actor known as APT41 deployed a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). Google said it observed the spear-phishing attacks in October 2024 and that the malware was hosted on...
Omnicell Healthcare Company Confirms Ransomware Incident

Omnicell Healthcare Company Confirms Ransomware Incident

Oct 12, 2022
In a US SEC (Securities and Exchange Commission)  8-K filing , Omnicell, the healthcare technology provider, revealed that some of its products, services, and internal systems were affected by ransomware.  Upon detecting the incident, the medication management systems provider took immediate action to contain the attack and ensure continued operation. In its  10-Q form  filing, Omnicell disclosed that cyber-attacks or data breaches disrupted its business.  Will you be the next victim? If you overlook the importance of data protection, attackers can get you in no time.  Explore the  impact of the data breach  on the healthcare sector and what preventive measures can be taken against such attacks. Omnicell Announced Data Breach  Founded in 1992, Omnicell is a leading provider of medication management solutions for hospitals, long-term care facilities, and retail pharmacies.  On May 4, 2022 , Omnicell's IT systems and third-party clo...
A Few More Reasons Why RDP is Insecure (Surprise!)

A Few More Reasons Why RDP is Insecure (Surprise!)

Jul 20, 2023
If it seems like Remote Desktop Protocol (RDP) has been around forever, it's because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Windows NT 4.0 Terminal Server edition and allowed users to remotely access and control Windows-based computers over a network connection.  In the intervening decades, RDP has become a widely used protocol for remote access and administration of Windows-based systems. RDP plays a crucial role in enabling remote work, IT support, and system management and has served as the foundation for various remote desktop and virtual desktop infrastructure (VDI) solutions.  The downside of RDP's widespread use is that a Remote Code Execution (RCE) vulnerability in an RDP gateway can have severe consequences, potentially leading to significant damage and compromising the security and integrity of the affec...
Entra ID Data Protection: Essential or Overkill?

Entra ID Data Protection: Essential or Overkill?

May 06, 2025 SaaS Security / Identity Management
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authentication, enforcing policy, and connecting users across distributed environments. That prominence also makes it a prime target. Microsoft reports over 600 million attacks on Entra ID every day. These aren't just random attempts, but include coordinated, persistent, and increasingly automated campaigns designed to exploit even small vulnerabilities. Which brings us to the core question: Are Entra ID's native protections enough? Where do they fall short — and what steps should you take to close the gaps and ensure you're covered? Understanding Entra ID At its core, Microsoft Entra ID is your enterprise identity and access management system. It defines how users prove who they are, what resources...
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Sep 19, 2024 Cyber Hygiene / Network Security
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it's not just data at risk — it's the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care to halt, surgeries to be postponed, or a cancer patient's private health information used for extortion. This is the reality healthcare faces as cybercriminals exploit people who need care. Healthcare accounted for 17.8% of all breach events and 18.2% of destructive ransomware events since 2012 1 , surpassing other sectors like finance, government, and education. This alarming rise in attacks makes one thing clear: poor cybersecurity hygiene is the root cause, and the consequences for failing to address these vulnerabilities are devastating. Organizations that neglect basic cybersecurity practices, like sof...
⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Jul 07, 2025 Cybersecurity / Hacking
Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don't start with alarms—they sneak in through the little things we overlook. A tiny bug, a reused password, a quiet connection—that's all it takes. Staying safe isn't just about reacting fast. It's about catching these early signs before they blow up into real problems. That's why this week's updates matter. From stealthy tactics to unexpected entry points, the stories ahead reveal how quickly risk can spread—and what smart teams are doing to stay ahead. Dive in. ⚡ Threat of the Week U.S. Disrupts N. Korea IT Worker Scheme — Prosecutors said they uncovered the North Korean IT staff working at over 100 U.S. companies using fictitious or stolen identities and not only drawing salaries, but also stealing secret data and plundering virtual currency more than $900,000 in one incident targeting an unnamed blockchain company in ...
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them

Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them

Aug 28, 2025 SaaS Security / Business Continuity
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million Trello user profiles was shared on a popular hacker forum. Yet, most organizations and project managers still assume that their platform's built-in backups are enough until they are not. The next few paragraphs will expose some risks of relying on these platform tools alone and how to better protect yourself and your organization from data loss with cloud backup and recovery . Why are project management tools becoming a prime target for data loss? More than 95% of businesses today rely heavily on project management tools like Trello and Asana to organize tasks, collaborate with teams, and track project milestones. However, as project managers become mor...
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

Oct 06, 2025 Cybersecurity / Hacking News
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today's security landscape. Whether you're defending systems or just keeping up, these highlights help you spot what's coming before it lands on your screen. ⚡ Threat of the Week Oracle 0-Day Under Attack — Threat actors with ties to the Cl0p ransomware group have exploited a zero-day flaw in E-Business Suite to facilitate data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component. In a post shared on LinkedIn, Charles Carmakal, CTO of Mandiant at Google Cloud, said "Cl0p exploited multiple vulnerabilities in Ora...
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

Feb 28, 2024 Ransomware / Healthcare
The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government  said  in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator's post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023." The alert comes courtesy of the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS). The BlackCat ransomware operation suffered a major blow late last year after a coordinated law enforcement operation led to the  seizure of its dark leak sites . But the takedown turned out to be a failure after the group managed to regain control of the...
c
Expert Insights Articles Videos
Cybersecurity Resources