The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trialsby [email protected] (The Hacker News) on 9 May 2025 at 11:40 am
Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos
- Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Businessby [email protected] (The Hacker News) on 9 May 2025 at 11:11 am
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask: Are they secure? AI agents work with sensitive data and make real-time decisions. If they’re not
- Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentialsby [email protected] (The Hacker News) on 9 May 2025 at 10:57 am
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's
- Beyond Vulnerability Management – Can You CVE What I CVE?by [email protected] (The Hacker News) on 9 May 2025 at 10:57 am
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Androidby [email protected] (The Hacker News) on 9 May 2025 at 7:13 am
Google on Thursday announced it's rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. "The on-device approach provides instant insight on risky websites and allows us to offer