Search results for real-time bitdefender threats | Breaking Cybersecurity News | The Hacker News

How many Internet-connected devices do you have in your home? I am surrounded by around 25 such devices. It's not just your PC, smartphone, and tablet that are connected to the Internet. Today our homes are filled with tiny computers embedded in everything from security cameras, TVs and refrigerators to thermostat and door locks. However, when it comes to security, people generally ignore to protect all these connected devices and focus on securing their PCs and smartphones with a good antivirus software or a firewall application. What if any of these connected devices, that are poorly configured or insecure by design, get hacked? It would give hackers unauthorized access to your whole network allowing them to compromise other devices connected to the same network, spy on your activities and steal sensitive information by using various sophisticated hacks. There have already been numerous cases of attackers hacking home appliances, industrial control, automotive, medic...

Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation season, improve your cybersecurity! The end of the year is a great time to re-evaluate your cybersecurity strategy and make some important investments in protecting your personal and professional data. Cyber threats are constantly evolving and becoming more sophisticated, so it's important to stay on top of your security game. Investing in cybersecurity is not just about protecting your business from potential threats. It's also about gaining a competitive edge and earning the trust of your customers. In today's connected world, customers expect companies to prioritize their security. By investing in cybersecurity, you can show your customers that you value their data and their loyalty. One of the best ways to do this is to take advantage of year-end offers from top cybersecurity companies. Many of these companies offer special discounts on their products and services at thi...

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you're always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack Surface Reduction (DASR) —a method that helps security teams close gaps before attackers even find them. Most tools today only tell you what's wrong. They scan, report, and give you long lists of problems. But they don't help you fix them fast enough. The truth is, the attack surface keeps changing—new apps, cloud systems, remote devices, misconfigurations. It never stops. Attackers only need one open door. And that's why traditional defenses often fail—they react too slowly. Meet DASR: A Smarter Way to Stay Safe Dynamic Attack Surface Reduction (DASR) changes how we defend. Instead o...

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source repositories becoming a playground for credential theft and hidden backdoors. But it's not all bad news—law enforcement is tightening its grip on cybercriminal networks, with key ransomware figures facing extradition and the security community making strides in uncovering and dismantling active threats. Ethical hackers continue to expose critical flaws, and new decryptors offer a fighting chance against ransomware operators. In this week's recap, we dive into the latest attack techniques, emerging vulnerabilities, and defensive strategies to keep you ahead of the curve. Stay informed, stay sec...

Ever wonder what happens when attackers don't break the rules—they just follow them better than we do? When systems work exactly as they're built to, but that "by design" behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what's truly under control. It's not always about a broken firewall or missed patch—it's about the small choices, default settings, and shortcuts that feel harmless until they're not. The real surprise? Sometimes the threat doesn't come from outside—it's baked right into how things are set up. Dive in to see what's quietly shaping today's security challenges. ⚡ Threat of the Week FBI Warns of Scattered Spider's on Airlines — The U.S. Federal Bureau of Investigation (FBI) has warned of a new set of attacks mounted by the notorious cybercrime group Scattered Spider targeting the airline sector using sophisticated social engineering techniques to obtain initial access. Cybersecurity vendors Palo Alto Networks Unit 4...

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in technology. The real question is: are you ready? 💪 Every attack holds a lesson, and every lesson is an opportunity to strengthen your defenses. This isn't just news—it's your guide to staying safe in a world where cyber threats are everywhere. Let's dive in. ⚡ Threat of the Week Palo Alto Networks Warns of Zero-Day: A remote code execution flaw in the Palo Alto Networks PAN-OS firewall management interface is the newest zero-day to be actively exploited in the wild. The company began warning about potential exploitation concerns on November 8, 2024. It has since been confirmed that it has been we...

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today's security landscape. Whether you're defending systems or just keeping up, these highlights help you spot what's coming before it lands on your screen. ⚡ Threat of the Week Oracle 0-Day Under Attack — Threat actors with ties to the Cl0p ransomware group have exploited a zero-day flaw in E-Business Suite to facilitate data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component. In a post shared on LinkedIn, Charles Carmakal, CTO of Mandiant at Google Cloud, said "Cl0p exploited multiple vulnerabilities in Ora...

It's getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they're blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut "hacker stories" now looks more like a mirror of the systems we all use. This week's findings show a pattern: precision, patience, and persuasion. The newest campaigns don't shout for attention — they whisper through familiar interfaces, fake updates, and polished code. The danger isn't just in what's being exploited, but in how ordinary it all looks. ThreatsDay pulls these threads together — from corporate networks to consumer tech — revealing how quiet manipulation and automation are reshaping the threat landscape. It's a reminder that the future of cybersecurity won't hinge on bigger walls, but on sharper awareness. Open-source tool exploited Abuse of Nezha for Post-Exploitation Bad actors are le...

Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability," Matthew Warner, CTO of Blumira,  said . "At this point, there is no proof of active exploitation. This vector significantly expands the attack surface and can impact services even running as localhost which were not exposed to any network." WebSockets  allow for two-way communications between a web browser (or other client application) and a server, unlike HTTP, which is unidirectional where the client sends the request and the server sends the response. While the issue can be resolved by updating all local development and internet-facing environments to Log4j 2.16.0, Apache o...

In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we've seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system is too small to be targeted. The question isn't whether attackers will find a way in—it's whether you'll be prepared when they do. Let's break down what you need to know. ⚡ Threat of the Week Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys — Threat actors are exploiting publicly disclosed ASP.NET machine keys to inject and execute malicious code responsible for launching the Godzilla post-exploitation framework. Microsoft said it has identified over 3,000 publicly disclosed keys that could be used for these types of attacks dubbed ViewState code injection. The company also said it removed key-related artifacts from ...

Behind every security alert is a bigger story. Sometimes it's a system being tested. Sometimes it's trust being lost in quiet ways—through delays, odd behavior, or subtle gaps in control. This week, we're looking beyond the surface to spot what really matters. Whether it's poor design, hidden access, or silent misuse, knowing where to look can make all the difference. If you're responsible for protecting systems, data, or people—these updates aren't optional. They're essential. These stories reveal how attackers think—and where we're still leaving doors open. ⚡ Threat of the Week Google Releases Patches for Actively Exploited Chrome 0-Day — Google has released Google Chrome versions 137.0.7151.68/.69 for Windows and macOS, and version 137.0.7151.68 for Linux to address a high-severity out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine that it said has been exploited in the wild. Google credited Clement Lecigne and Benoît Sevens of Google T...

Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week's roundup highlights a clear shift: cybercrime is evolving fast, and the lines between technical stealth and strategic coordination are blurring. It's worth your time. Every story here is about real risks that your team needs to know about right now. Read the whole recap. ⚡ Threat of the Week Curly COMrades Abuses Hyper-V to Hide Malware in Linux VMs — Curly COMrades, a threat actor supporting Russia's geopolitical interests, has been observed abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine and deploy malicious payloads. This method allows the malware to run completel...

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected cracks they reveal in systems we trust. ⚡ Threat of the Week Google Patches Actively Exploited Chrome 0-Day — Google has addressed a high-severity security flaw in its Chrome browser for Windows that has been exploited by unknown actors as part of a sophisticated attack aimed at Russian entities. The flaw, CVE-2025-2783 (CVSS score: 8.3), is said to have been combined with another exploit to break out of the browser's sandbox and achieve remote code execution. The attacks involved distributing specially crafted links via phishing emails that, when clicked and launched using Chrome, trig...

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected cracks they reveal in systems we trust. ⚡ Threat of the Week Google Patches Actively Exploited Chrome 0-Day — Google has addressed a high-severity security flaw in its Chrome browser for Windows that has been exploited by unknown actors as part of a sophisticated attack aimed at Russian entities. The flaw, CVE-2025-2783 (CVSS score: 8.3), is said to have been combined with another exploit to break out of the browser's sandbox and achieve remote code execution. The attacks involved distributing specially crafted links via phishing emails that, when clicked and launched using Chrome, trig...

Researchers from the Bitdefender Mobile Threats team said they have intercepted more than 100,000 malicious SMS messages attempting to distribute  Flubot  malware since the beginning of December. "Findings indicate attackers are modifying their subject lines and using older yet proven scams to entice users to click," the Romanian cybersecurity firm  detailed  in a report published Wednesday. "Additionally, attackers are rapidly changing the countries they are targeting in this campaign." The new wave of attacks is said to have been most active in Australia, Germany, Poland, Spain, Austria, and Italy, among others, with attacks spreading to newer countries like Romania, the Netherlands, and Thailand starting mid-January. FluBot (aka Cabassous) campaigns use smishing as the primary delivery method to target potential victims, wherein users receive an SMS message with the question "Is this you in this video?" and are tricked into clicking a link that inst...