Mohit Kumar

⚠️ Hackers are hiding malware in normal websites. A new attack called JS#SMUGGLER plants code that quietly runs PowerShell through mshta.exe to install NetSupport RAT — giving attackers full control of your computer. It even checks your device type to avoid being caught. 🔗…

⚠️ Three new Android threats just dropped: • FvncBot – fake “mBank” app that logs keys, streams screens, and steals banking data. • SeedSnatcher – spreads via Telegram to steal crypto seed phrases and 2FA codes. • ClayRat – upgraded spyware faking YouTube & taxi apps for full…

⚠️ Iran’s MuddyWater hackers are using a new backdoor called "UDPGangster" that hides in fake “election seminar” Word files. It only runs after checking if your computer is real — not a sandbox — then steals data over UDP to dodge detection. 🔗 Read → thehackernews.com/2025/12/muddyw…

⚠️ Hackers are exploiting a bug in the Sneeit Framework plugin (CVE-2025-6389) to run code on servers and create admin accounts on WordPress sites. ⚠️ Separately, a flaw in ICTBroadcast (CVE-2025-2611) lets attackers use the BROADCAST cookie for unauthenticated remote shell…

🚨 Critical Apache Tika flaw (CVE-2025-66516) just dropped — CVSS 10.0. A single fake PDF can trigger an XXE attack, letting hackers read server files or run code. 🔗 Read ↓ thehackernews.com/2025/12/critic… Update to v3.2.2 now.

🛑 Over 30 security flaws found in AI-powered coding tools like Copilot, Cursor, and Zed — letting hackers steal data or run malicious code without you doing a thing. Researchers are calling it “IDEsaster.” 🔗 Details here → thehackernews.com/2025/12/resear…

⚠️ Within HOURS of disclosure, two China-linked hacking groups weaponized a critical React flaw (CVE-2025-55182). They’re already scanning the web for unpatched apps. Update to React 19.0.1+ now. 🔗 Read ↓ thehackernews.com/2025/12/chines…

🚨 A lawyer in Pakistan was hacked with Predator SPYWARE — the first confirmed spyware attack on a civil society member in the country. It started with a link on WhatsApp, but new leaks show Predator can also spread through ads — no click needed. 🔗 Read →…

🚨 WARNING: A new attack can trick Perplexity’s Comet browser into deleting your Google Drive. Just one normal-looking email with hidden cleanup instructions can make the AI agent erase real files — no exploit, no warning. 🔗 Details here → thehackernews.com/2025/12/zero-c…

✈️ Hackers faking airport Wi-Fi. 💻 Malware hiding inside coding tools. 🤖 AI rewriting security playbooks. That’s just the start — and 15+ more stories inside. 📰 This week’s #ThreatsDay Bulletin uncovers the sneakiest hacks, scams, and “too-smart” malware out there. 🔗 Catch…

🚨 A fake Microsoft Teams installer is spreading malware in China. Hackers called "Silver Fox" made it look like a Russian attack to hide their tracks. It installs ValleyRAT, giving full remote access to victims. 🔗 Read: thehackernews.com/2025/12/silver…

ShinyHunters. Salesloft Drift. Gainsight. Different breaches — same playbook: • Abused OAuth trust • Exploited integrations • Targeted non-human identities Still think Salesforce is “just another app”? Attackers don’t — they’re hitting the entire SaaS supply chain. 👉 Read…

🚨 UPDATE: The RCE flaw in React Server Components now has a name — React2shell (CVE-2025-55182). Experts warn it’s a “master key” exploit — attackers can run any code just by sending a crafted HTTP request. No login needed. 🔗 Read: thehackernews.com/2025/12/critic…

🚨 Cloudflare just stopped the largest DDoS attack ever — a 29.7 Tbps strike from the AISURU botnet that used up to 4 million hacked devices. It hit 15,000 ports every second for 69 seconds before being blocked. 🔗 Details: thehackernews.com/2025/12/record…

🚨 Thousands hacked after downloading what looked like “official” government apps. They were fake versions of real banking apps, modified by hackers from GoldFactory to include malware. So far, over 11,000 phones in Southeast Asia have been infected. 🔗 Details ↓…

⚡ A 16-year-old with a $200 allowance can now outsmart your email security. Tools like WormGPT, FraudGPT, and SpamGPT are automating cybercrime — writing perfect CEO emails, building fake sites, and scaling attacks faster than filters can react. In this live session, experts…

🚨 Warning: businesses are facing a new threat! #Salty2FA and #Tycoon2FA are now attacking together. The #phishing campaign that's just been discovered is stealing corporate logins at scale. See the breakdown and key IOCs for your SOC ⬇️ thn.news/tycoon-phish-2…

⚠️ Microsoft just fixed a Windows flaw hackers have used since 2017. The bug let malicious shortcut (.LNK) files hide long commands that users couldn’t see — used by groups from China, Iran, North Korea, and Russia. Patched in Nov 2025 update. 🔗 Read: thehackernews.com/2025/12/micros…

🚨 A major WordPress flaw is being exploited right now. The King Addons for Elementor plugin let anyone sign up as an admin — no login needed. Over 48,000 attack attempts have been blocked since October. Full details → thehackernews.com/2025/12/wordpr…

⚠️ Brazil under dual attack. Water Saci is spreading a banking trojan through a WhatsApp-based worm, while RelayNFC is running an Android NFC relay campaign that steals contactless payment data. Both threats use social engineering and target Brazilian users. 🔗 Read details:…