Mohit Kumar

🚨 Major AI engines from Meta, Nvidia, Microsoft, and PyTorch were hit by the same critical bug. It lets attackers run code on remote systems — all because of a reused unsafe pattern in ZeroMQ and Python pickle. Some systems are still not fixed. Read the full story ↓…

🚨 Major AI engines from Meta, Nvidia, Microsoft, and PyTorch were hit by the same critical bug. It lets attackers run code on remote systems — all because of a reused unsafe pattern in ZeroMQ and Python pickle. Some systems are still not fixed. Read the full story ↓…

Most tools that promise to simplify Google Workspace offboarding end up creating more problems than they solve. Rigid workflows. Chat messages left unarchived. Manual fixes that take hours... Curious how companies like Google automate their deprovisioning in a no-code way? Join…

🚨 CISA says hackers are exploiting a serious WatchGuard firewall flaw (CVE-2025-9242, score 9.3). Attackers can run code without logging in. Over 54,000 Firebox devices are still exposed. Patch before Dec 3. Details ↓ thehackernews.com/2025/11/cisa-f…

🚨 Over 43,000 fake npm packages have flooded the registry since 2024. They don’t steal data — they just keep cloning themselves. A hidden script waits until someone runs node auto.js, then the cycle starts. It went unnoticed for almost two years. Read more →…

🚨 Hackers made 4,300+ fake hotel websites copying Booking[.]com, Airbnb, and Expedia. Each fake page looks real, changes based on your booking link, and steals your card details. See how this massive travel scam works ↓ thehackernews.com/2025/11/russia…

🚨 New ThreatsDay Bulletin is out! From AI bug bounties and data leaks to phishing kits and global cyber laws — here’s what’s shaping the week in cybersecurity. 👉 Read the full update: thehackernews.com/2025/11/threat…

Scale Container Security with Confidence — Live Webinar Learn how top teams build secure, compliant containers that scale — without slowing delivery. 📅 Nov 25 | 11 AM EST 🎙️ 20-Minute Session + Q&A Save Your Seat 👇 thn.news/webinar-insigh…

💻 Google sued a Chinese hacker group that runs a phishing service called Lighthouse. It tricked over 1 million people in 120 countries and made more than $1 billion using fake Google and USPS pages. They sold the phishing kits — $88 a week to $1,588 a year. Read more →…

🚨 Microsoft just fixed a Windows flaw hackers are already exploiting in the wild. The kernel bug (CVE-2025-62215) lets anyone with local access gain full control — and it’s being linked with other attacks for complete takeover. Install the latest patches now ↓…

🤖 82% of companies use AI agents. 🔐 53% let them access sensitive data every day. ⚠️ Most don’t know who owns or controls them. One forgotten agent can leak everything. How to stop it → thehackernews.com/expert-insight…

🔥 Google just launched Private AI Compute — a new cloud system that runs AI without letting Google see your data. It keeps Gemini models inside secure, encrypted hardware to protect privacy. Auditors did find small flaws that could, in rare cases, expose users — but Google…

A new malware called Maverick is spreading through WhatsApp Web. It can copy your Chrome data to skip QR logins, turn off Defender, and message your contacts from your account. Full story ↓ thehackernews.com/2025/11/whatsa…

AI-driven supply chain attacks jumped 156% last year. This new malware rewrites itself, looks like real code, and waits weeks before hitting. Most security tools can’t spot it. See what CISOs are doing to fight back ↓ thehackernews.com/2025/11/cisos-…

🚨 GootLoader is back — and smarter. Huntress found 3 new cases since Oct 27. In 2 of them, attackers took full control in under 17 hours. Now it hides fake PDFs using special web fonts so the files look safe. ZIPs fool scanners but open real malware on Windows. Details ↓…

🚨 🚨 New Android RAT — “Fantasy Hub” — is on sale on Russian Telegram: $200/week or $4,500/year. It turns any app into spyware, pretends to be a Play update, hijacks SMS to steal 2FA, and streams camera/mic in real time via WebRTC. Novices can buy and run it. If you use BYOD…

North Korea’s Konni group just pulled off something wild — they turned Google’s own Find Hub into a weapon. By stealing Google logins, they could remotely wipe Android phones, erasing data and covering their tracks. It all started with a fake “Stress Clear” app, signed with a…

Last week in cyber was wild. 🔒 Malware hiding in VMs 🤖 AI chats leaking through encrypted traffic 📱 Spyware on flagship Androids 💣 Logic bombs set to go off years later 🕵️‍♂️ Fake AI bots, deepfakes, and more... You can’t afford to miss this recap: thehackernews.com/2025/11/weekly…

⚠️ Hackers are posing as Booking[.]com to target hotels. Fake “security” emails trick managers into running a PowerShell script that installs PureRAT — giving full access to hotel systems. Stolen logins and card data are being sold online. More information here →…

🚨 Three VS Code extensions — downloaded over 10,000 times — turned out to be part of a revived GlassWorm attack. And... it spreads on its own. One infected developer can quietly compromise an entire team. They're stealing credentials for GitHub, VSX, and crypto wallets while…