The Hacker News

🔥 On its 21st birthday, Google rolls out built-in end-to-end encryption for enterprise Gmail users—no extensions, no certificate swaps. 🔒 Just click, send, secure. Powered by client-side encryption. 🛠️ Admins hold the keys | Google can’t see a thing. 👉 See how it works: https://lnkd.in/gdszcZtP

🔥 1,500+ PostgreSQL servers hacked for crypto mining. A threat group tracked as JINX-0126 is exploiting publicly exposed PostgreSQL instances with weak passwords. What’s happening: • Malware: PG_MEM (fileless, evasive) • Goal: Deploy XMRig miner • Victims: Over 1,500 servers, 3 wallets, ~550 miners each 🔗 Full story: https://lnkd.in/gxBss66a

🚨 Think SMS phishing is old news? Think again. A new PhaaS platform called Lucid is hijacking iMessage & Android RCS to dodge filters and hit 169 targets in 88 countries. 💳 Goal? Steal credit cards + PII, at scale. 🔗 Learn more: https://lnkd.in/gF2Wy58j

🔥 Your CSRF tokens might already be leaking. A global retailer dodged a $3.9M breach and GDPR fines up to €20M—all due to one misconfigured Facebook Pixel exposing CSRF tokens. The kicker? This wasn’t malware. It was human error—undetectable by blockers. Protect your site before regulators come knocking. 🔗 Learn what to fix → https://lnkd.in/gk6zCJKN

🚨 Old iPhones, new threats. Apple just patched 3 exploited zero-days—and yes, even your dusty iPhone 6s is getting a fix. 🛡️ What's at stake? • CVE-2025-24201 (CVSS 8.8): Malicious web content breaking free from Safari’s sandbox • CVE-2025-24085 (7.3): Apps hijacking system privileges • CVE-2025-24200 (4.6): Bypassing USB Restricted Mode—hello physical attacks 🔥 Why now? These bugs are being actively exploited in the wild. 🔗 Full list + device breakdown: https://lnkd.in/gyAG3Qu4

🔥 23,958 IPs. 10 days. One target: Palo Alto GlobalProtect. A massive spike in login scans hints at coordinated recon—and possible exploitation ahead. If you run GlobalProtect, this is your early warning. Audit & harden exposed portals now. 🔗 Full story: https://lnkd.in/gjGhhiTa

A China-linked hacking group, Earth Alux, is hitting key sectors in Asia-Pacific and Latin America with stealthy, advanced cyberattacks. 🛠 Tools & Tactics: • VARGEIT: A backdoor hidden in mspaint.exe, used for spying and data theft • COBEACON (Cobalt Strike): Initial access • MASQLOADER: Evades security detection • Uses 10+ covert communication channels, including Microsoft Outlook drafts 👉 Learn more: https://lnkd.in/gx74XRB8 Stay alert. These attacks are live.

🔥 Apple hit with €150M fine for “biased” privacy rules. France says Apple’s App Tracking Transparency (ATT) gave itself a privacy pass—while forcing rivals through a double-consent maze. Regulators call it unfair, confusing, and not truly neutral. https://lnkd.in/gMPFdrJC

🚨 A Russian group, Water Gamayun, is abusing a Windows zero-day (CVE-2025-26633) to drop two chilling backdoors: SilentPrism & DarkWisp. They’re hiding in plain sight—using signed .msi files posing as legit apps like DingTalk & VooV to hijack systems. 👀 Targets? Your data, credentials, and even crypto wallets. 💀 Techniques? Living-off-the-land, PowerShell implants, fake WinRAR sites—pure cyber espionage playbook. 🔗 Learn more: https://lnkd.in/duU7QEiM

🚨 Hackers are abusing WordPress mu-plugins—a hidden auto-run directory—to inject malware, hijack links, and redirect users to scam sites. Also, add these to the list of 2024's major WordPress threats: CVE-2024-27956 | SQL injection CVE-2024-25600 | RCE in Bricks theme CVE-2024-8353 | PHP injection CVE-2024-4345 | Arbitrary file upload If you run a WordPress site, check your mu-plugins folder NOW. 🛡️ Full story: https://lnkd.in/g9pjsyX5