The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
CoinDesk

Bonk.fun hacked: Domain hijacked, crypto drainer planted

The operator, known as Tom, said only users who signed a fake terms-of-service message on the compromised site after the breach were affected.
PCMag on MSN

Wikipedia forced to lock down edits over JavaScript that could delete pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
NextBigFuture

Everyone Spies on Everyone for Mutual Assured Espionage

Israel (via Unit 8200/Mossad cyber ops) spent years hacking into Tehran’s public traffic cameras and related feeds ...
techlomedia.in

New WhatsApp Exploit Script Listed for Sale on Hacking Forums

Add Techlomedia as a preferred source on Google. A new threat has emerged on underground hacking forums involving the popular messaging app WhatsApp. Security researchers have noticed posts where a ...
cybernews

Amateur attacker uses AI toolkits, including Claude and Deepseek, to hack Fortinet firewalls

Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale. This time, a Russian-speaking threat actor leveraged AI tools to compromise more than 600 ...