The Hacker News

⚠️ Three new PCIe security flaws found — they let hackers change or fake data moving between computer parts. They affect some Intel Xeon and AMD EPYC chips. The problem? It’s in the encryption that was supposed to keep data safe. 🔗 Read → https://thehackernews.com/2025/12/three-pcie-encryption-weaknesses-expose.html

⚠️ WinRAR just made CISA’s “actively exploited” list. Russian, South Asian, and Ukrainian-targeting hacker groups are using the flaw to hijack Windows — by planting code that runs every time Word opens. 🔗 Patch WinRAR now ↓ https://thehackernews.com/2025/12/warning-winrar-vulnerability-cve-2025.html

⚡WEBINAR ⤑ Hackers are finding new ways into the cloud and most tools can’t spot them. Next week, the #PaloAltoNetworks team will show real examples of how attacks happen and how to block them. 🔗 Join the live session to learn how to protect your setup: https://thehackernews.com/2025/12/webinar-how-attackers-exploit-cloud.html

⚠️ Microsoft just fixed 56 Windows bugs — one’s already being exploited. It hides in the Cloud Files driver used by OneDrive, Google Drive, and iCloud — even if those apps aren’t installed. Hackers can chain it with phishing to gain SYSTEM access. Plus: 2 zero-days in PowerShell and GitHub Copilot for JetBrains. 🔗 Details ↓ https://thehackernews.com/2025/12/microsoft-issues-security-fixes-for-56.html

⚠️ Fortinet, Ivanti & SAP just fixed critical bugs that let attackers break in or run code remotely. ➜ Fortinet: auth bypass via fake SAML login. ➜ Ivanti: admin takeover through poisoned dashboards. ➜ SAP: code injection in Solution Manager (CVSS 9.9). 🔗Patch Now: https://thehackernews.com/2025/12/fortinet-ivanti-and-sap-issue-urgent.html

🚨 North Korean hackers are exploiting the new React2Shell bug (10.0-severity) to drop EtherRAT — malware that hides its commands inside Ethereum smart contracts. It even makes 9 blockchain nodes “vote” to pick its server, so takedowns fail. 🔗 Read now ↓ https://thehackernews.com/2025/12/north-korea-linked-actors-exploit.html

⚠️ 4 hacker groups are now using the same malware tool — CastleLoader. It’s sold as malware-for-hire by a group called GrayBravo. They’re hitting targets from logistics to IT using fake online Booking pages and software updates. Each attack links back to the same control servers — built to spread fast. 🔗 Read ↓ https://thehackernews.com/2025/12/four-threat-clusters-using-castleloader.html

GTG-1002 changed the rules. An AI-driven attack hit dozens of companies—80% run autonomously, at machine speed. The real threat? SaaS tokens that stay trusted forever after one approval. Static trust can’t defend against dynamic attackers. 🔗 Learn more: https://thehackernews.com/expert-insights/2025/12/what-gtg-1002-and-claude-style-attacks.html

🚨 Storm-0249 just changed tactics. The hacker group Microsoft flagged in 2024 is now faking Microsoft domains and abusing real security tools like SentinelOne to sneak in ransomware. They’re using PowerShell commands that never drop files—making them almost invisible. 🔗 Read ↓ https://thehackernews.com/2025/12/storm-0249-escalates-ransomware-attacks.html

💡 Most Zero Trust tools still don’t talk to each other — so access decisions lag behind real risks. A MongoDB engineer built a workflow using Tines that lets Kolide send real-time device alerts to Okta through the Shared Signals Framework. Finally, Zero Trust that actually works in sync. 🔗 Read: https://thehackernews.com/2025/12/how-to-streamline-zero-trust-using.html

🔥 You can win $20K for breaking Google’s new Chrome security feature. Google just added the “User Alignment Critic,” a safeguard that uses a second model to double-check Chrome’s AI agent and block prompt attacks or data leaks. 🔗 Read: https://thehackernews.com/2025/12/google-adds-layered-defenses-to-chrome.html

🚨 Hackers are uploading fake resumes on Indeed and JazzHR to breach Canadian companies. 80% of attacks in this campaign hit Canada. The “PDFs” actually launch QWCrypt ransomware through a tool called RedLoader. 🔗 Read: https://thehackernews.com/2025/12/stac6565-targets-canada-in-80-of.html