The Hacker News

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

TamperedChef spreads through fake installers and SEO abuse, delivering a persistent JavaScript backdoor across multiple ...
The Hacker News

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

Cyber operations by Iran-linked groups used AIS and CCTV intelligence to support real-world missile attacks, Amazon reports.
The Hacker News

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

Eternidade Stealer spreads via WhatsApp hijacking, using Python scripts and IMAP-driven C2 updates to target Brazilian users.
The Hacker News

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code.
The Hacker News

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts

Second-order prompt injection exploits ServiceNow agent discovery, enabling unauthorized actions unless configurations and monitoring are tightened.
The Hacker News

Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software

Granular application containment reduces overreach, blocks lateral movement, and cuts SOC alerts by up to 90%.