The Hacker News

前往频道在 Telegram

⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com

显示更多

美国117 技术与应用701

...

📈 Telegram 频道 The Hacker News 的分析概览

频道 The Hacker News (@thehackernews) 英语语言赛道中的是活跃参与者。目前社区聚集了 161 815 名订阅者，在 技术与应用 类别中位列第 701，并在美国地区排名第 117 位。

📊 受众指标与增长动态

自 невідомо 创建以来，项目保持高速增长，吸引了 161 815 名订阅者。

根据 02 六月, 2026 的最新数据，频道保持稳定运转。过去 30 天订阅人数变化为 -1 204，过去 24 小时变化为 -50，整体触达仍然可观。

认证状态： 已认证（Telegram 官方确认）
互动率 (ER)： 平均受众互动率为 5.32%。内容发布后 24 小时内通常能获得 3.32% 的反应，占订阅者总量。
帖子覆盖： 每篇帖子平均可获得 8 610 次浏览，首日通常累积 5 380 次浏览。
互动与反馈： 受众积极参与，单帖平均反应数为 16。
主题关注点： 内容集中在 attack, credential, cve-2026, github, backdoor 等核心主题上。

📝 描述与内容策略

作者将该频道定位为表达主观观点的平台：
“⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com”

凭借高频更新（最新数据采集于 03 六月, 2026），频道始终保持新鲜度与高覆盖。分析显示受众积极互动，使其成为 技术与应用 类别中的关键影响点。

161 815

订阅者

-5024 小时

-3567 天

-1 20430 天

8 610

帖子浏览量

~ 5 38024 小时

~ 6 33348 小时

5.32%

参与率

~ 7

每日帖子数

Ads index

beta

帖子存档

161 815

⚠️ Poisoned #WhatsApp, Slack, or SMS notifications could hijack Google Gemini on Android. No malicious app needed. A single alert could make #Gemini fake messages, trigger actions, join Zoom calls, or poison memory. Read details: https://thehackernews.com/2026/06/whatsapp-slack-notifications-could.html

161 815

What would your IT team do with 150 extra hours a month? Join Jamf and Tines_hq to learn how Jamf automated phishing reporting, employee notifications, FileVault key recovery, and more, while reducing manual IT work and accelerating response times. 📅 July 10, 11 AM ET 🎓 Earn up to 1.0 CPE credit for attending live Register: https://thn.news/tines-it-automation

161 815

Hackers are abusing Google DoubleClick to bypass security tools and deliver DesckVB RAT via personalized phishing pages using victim company branding and location. The .NET trojan establishes persistence and gives attackers full machine control. Read ➝ https://thehackernews.com/2026/06/google-doubleclick-abused-in-new.html

161 815

🚨 A single debug flag left on in production exposed BILLIONS of Microsoft 365 Android users. Any app on the same phone could silently steal your signed-in account token — and access email, files, calendar, and send messages without any prompt. The "FlagLeft" bug hit Word, Excel, PowerPoint, Copilot, Loop, and OneNote. Microsoft has fixed it. Update them now. Details: https://thehackernews.com/2026/06/microsoft-365-android-apps-let-any-app.html

161 815

🔔 WEBINAR ALERT — Zero-days won’t stop. AI builds exploits in minutes. HD Moore (Metasploit creator and runZero CEO) says stop racing patches. See your network like attackers do. Most teams trust their segmentation until hidden devices, shadow IT, and multi-homed systems connect everything. This session reveals real attack paths and limits what breaches can reach. Secure your spot 👇 https://thehackernews.com/2026/06/beyond-zero-day-see-your-network-like.html

161 815

🤖 An autonomous AI tool found a Redis RCE vulnerability that went unnoticed for more than two years. CVE-2026-23479 can let an authenticated user execute OS commands on the server. The flaw was introduced in Redis 7.2.0 and affected every stable branch until patches were released on May 5. 🔧 Details: https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html

161 815

🚨 A one-click flaw in GitHub.dev can let attackers steal #GitHub OAuth tokens with read/write access to repositories, including private ones. Microsoft is working on a fix. The attack abuses VS Code webviews and local workspace extensions to extract tokens. VS Code Desktop is not affected. Read: https://thehackernews.com/2026/06/one-click-github-dev-attack-lets.html

161 815

🚨 Nearly half of all enterprise identity activity is now invisible to security teams. Orchid Security discovered 46% of identity actions are "Identity Dark Matter" — hidden in unmanaged apps, shadow IT, and machine accounts. This blind spot is exactly where modern attacks are growing. Gartner’s new IVIP category aims to fix it with real visibility and intelligence. Learn more: https://thehackernews.com/2026/06/shrinking-iam-attack-surface-through.html

161 815

🚨 New unpatched Windows flaw lets attackers steal your NTLMv2 hash. The issue lives in the built-in search: URI handler. A simple malicious link can force your system to leak your hash to an attacker-controlled server. Captured hashes could be used in relay attacks for deeper network access. Details here: https://thehackernews.com/2026/06/unpatched-windows-search-uri.html

161 815

🚨 WARNING — New HTTP/2 Bomb exploit targets NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client can consume 32GB of server memory in roughly 20 seconds, causing remote DoS conditions. Details here: https://thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html

161 815

EDR is now table stakes. New Bitdefender research by Duncan Mills shows 97.7% of organizations already use Endpoint Detection and Response. Traditional protection alone fails against credential abuse and living-off-the-land attacks. 45% of teams struggle to investigate alerts due to limited resources. Detection and response is now essential. Full story → https://thehackernews.com/expert-insights/2026/06/endpoint-detection-response-is-now.html

161 815

🚨 Big red flags for gamers and downloaders this week. 🔸 Weedhack malware is hitting #Minecraft players via YouTube fake mods and clients, stealing accounts and enabling remote spying. 🔸 CountLoader has infected 86,000 systems through cracked software. 🔸 Pirated streaming sites are silently installing crypto miners. Read details: https://thehackernews.com/2026/06/weedhack-attacks-minecraft-users.html Double-check every download.

161 815

🚨 Android just patched 124 security flaws. One of them — CVE-2025-48595 (CVSS 8.4) — may already be seeing limited targeted exploitation. No user interaction required. #Android 14, 15, 16, and 16 QPR2 affected. Read: https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html

161 815

AI is shrinking exploitation timelines from days to hours. Enterprises still take a median of 43 days to patch critical vulnerabilities. That's a gap attackers are already exploiting. Patching alone isn't enough. Read: https://thehackernews.com/2026/06/ai-driven-exploitation-is-destroying.html

161 815

Russian state-backed hackers Gamaredon are exploiting a critical WinRAR vulnerability to attack Ukraine. They’re weaponizing CVE-2025-8088 with GammaPhish HTA files. This leads to GammaLoad downloaders, which deploy: • GammaWorm — a stealthy self-spreading worm using malicious LNK files • GammaSteel — a modular information stealer Highly evasive chain with Telegram C2 and NTFS hiding techniques. Details: https://thehackernews.com/2026/06/gamaredon-exploits-winrar-to-deliver.html

161 815

🚨 An actively exploited #Oracle WebLogic Server flaw has been added to CISA's KEV catalog. CVE-2024-21182 (CVSS 7.5) allows unauthenticated attackers with network access to compromise vulnerable servers and access critical data. Federal agencies must patch by June 4, 2026. Details: https://thehackernews.com/2026/06/oracle-weblogic-cve-2024-21182-added-to.html

161 815

AI workloads are scaling rapidly across cloud environments, and security teams now have better visibility into what that means for cloud operations, development workflows, and security strategy in practice. On June 16 at 12:00 PM ET, Wiz Research will break down the key findings from the State of AI in the Cloud 2026 report and what they signal for your security program. The session covers: 🔸 Where AI adoption is accelerating: Which cloud services, agent patterns, and copilot architectures are growing fastest 🔸 How cloud environments are evolving: What new connectivity and visibility considerations AI workloads introduce across identity, data, and infrastructure. 🔸 What attackers are already doing: How threat actors use AI to find and exploit misconfigurations faster Save Your Spot: https://thn.news/thn-ai-cloud-2026

161 815

🔒 Fragmented identity pipelines are failing against digital injection attacks. Hubert Behaghel, CTO at Veriff, explains that stitching together multiple vendors for camera capture, liveness detection, and risk scoring often drops critical signals like device telemetry and session context. This creates easy entry points for attackers using virtual cameras and emulators. Integrated systems that maintain end-to-end visibility offer much stronger protection. Read: https://thehackernews.com/expert-insights/2026/06/why-fragmented-identity-pipelines-fail.html

161 815

🔴 A 19-year-old #Linux vulnerability called CIFSwitch allows low-privileged users to gain root access. SpaceX security engineer Asim Viladi Oglu Manizada discovered the logic flaw between the kernel’s CIFS client and the cifs-utils package. The issue has existed since 2007. A patch was merged into mainline Linux on May 19, 2026. Details: https://thehackernews.com/2026/06/weekly-recap-new-linux-flaw-pan-os.html#:~:text=New%20Linux%20Flaw%20CIFSwitch%20Uncovered

161 815

Many organizations invest in EDR but still lack real resilience. Lean teams drown in alerts, investigations lag, and responses are slow. AI attacks are rising (67% of organizations affected), and 84% of major incidents now use living-off-the-land techniques. Visibility alone isn’t enough. Bitdefender GravityZone PHASR reduces attacker opportunities, while MDR adds 24x7 expert response. Read: https://thehackernews.com/2026/06/how-leading-organizations-are-turning.html