اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
The Hacker News
رفتن به کانال در Telegram
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com
نمایش بیشتر📈 تحلیل کانال تلگرام The Hacker News
کانال The Hacker News (@thehackernews) در بخش زبانی انگلیسی بازیگری فعال است. در حال حاضر جامعه شامل 161 642 مشترک است و جایگاه 691 را در دسته فناوری و برنامهها و رتبه 109 را در منطقه الولايات المتحدة الأمريكية دارد.
📊 شاخصهای مخاطب و پویایی
از زمان ایجاد در невідомо، پروژه رشد سریعی داشته و 161 642 مشترک جذب کرده است.
بر اساس آخرین دادهها در تاریخ 24 ژوئن, 2026، کانال فعالیت پایداری دارد. در ۳۰ روز گذشته تغییر اعضا برابر -596 و در ۲۴ ساعت گذشته برابر -13 بوده و همچنان دسترسی گستردهای حفظ شده است.
- وضعیت تأیید: تأیید شده (به صورت رسمی توسط تلگرام)
- نرخ تعامل (ER): میانگین تعامل مخاطب 4.66% است و در ۲۴ ساعت نخست پس از انتشار، محتوا معمولاً 2.96% واکنش نسبت به کل مشترکان کسب میکند.
- دسترسی پستها: هر پست به طور میانگین 7 531 بازدید دریافت میکند. در اولین روز معمولاً 4 780 بازدید جمعآوری میشود.
- واکنشها و تعامل: مخاطبان بهطور فعال حمایت میکنند؛ میانگین واکنش به هر پست 17 است.
- علایق موضوعی: محتوا بر موضوعات کلیدی مانند attack, credential, cve-2026, github, backdoor تمرکز دارد.
📝 توضیح و سیاست محتوایی
نویسنده این فضا را محل بیان دیدگاههای شخصی توصیف میکند:
“⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.
📨 Contact: admin@thehackernews.com
🌐 Website: https://thehackernews.com”
به لطف بهروزرسانیهای پرتکرار (آخرین داده در تاریخ 25 ژوئن, 2026)، کانال همواره بهروز و دارای دسترسی بالاست. تحلیلها نشان میدهد مخاطبان بهطور فعال با محتوا تعامل دارند و آن را به نقطه اثرگذاری مهم در دسته فناوری و برنامهها تبدیل کردهاند.
161 642
مشترکین
-1324 ساعت
-1287 روز
-59630 روز
آرشیو پست ها
161 640
🛑 Cybercrime crews just lost part of their malware supply chain.
Operation Endgame disrupted infrastructure behind Amadey and StealC — malware used to steal data and deliver additional payloads.
Authorities say the operation led to:
- 326 servers dismantled
- 142 domains taken down
- 27M stolen credentials recovered
- $47 M+ in criminal crypto assets restricted
Read: https://thehackernews.com/2026/06/amadey-and-stealc-malware-network.html
161 640
Cybersecurity is losing the time buffer it used to depend on.
Agentic AI could compress the gap between finding a weakness and weaponizing it. That puts hidden IT, IoT, and OT assets directly in the blast path.
Know what’s on your network before attacker automation does.
See why asset visibility matters now: https://thehackernews.com/2026/06/dawn-of-apex-agentic-adversary.html
161 640
Last Chance to Register for GRC Now | Get 8 Free CPEs
Join over 15K of your peers already registered for the July 8-9 GRC Now virtual event! Register and attend to explore the latest trends in GRC, cyber risk, practical strategies for AI governance, guidance for regulatory changes, and more.
✨ Bonus: You’ll earn up to 8 free CPE credits for attending.
Register now: https://thn.news/grc-now-reshape-resilience
161 640
⚡ The crackdown on HuiOne is now widening.
The DoJ seized a cloud account tied to HuiOne subsidiaries, while Treasury sanctioned 9 people and 26 entities linked to Prince Group.
The focus: crypto scam proceeds, laundering, and the networks behind Southeast Asia scam operations.
Read 🠖 https://thehackernews.com/2026/06/doj-seizes-huione-cloud-account-tied-to.html
161 640
🛑 Cisco Unified CM admins should check WebDialer now.
CVE-2026-20230 is being exploited, and vulnerable WebDialer-enabled systems can be abused by unauthenticated attackers to write files.
Cisco patched it in 14SU6 and 15SU5.
Read: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html
161 640
🚨 FFortiBleed went beyond FortiGate firewalls.
Researchers say a Russian-speaking IAB targeted 430,000+ FortiGate firewalls, deployed credential sniffers, and identified over 110 million credentials.
Read: https://thehackernews.com/2026/06/fortibleed-targeted-fortigate-firewalls.html
The campaign also hit other internet-facing systems.
161 640
🔥 A fake AI Agent skill reportedly reached 26,000 agents after passing security scans.
The payload was loaded later from an external link that scanners did not check, and that link could be changed after review.
Read how the blind spot worked 🠖 https://thehackernews.com/2026/06/fake-ai-agent-skill-passed-security.html
161 640
🛑 Washington is preparing for the quantum threat before it arrives.
A new Trump order gives federal agencies until 2030 to move key systems to post-quantum crypto.
Digital signatures are due by 2031.
Read - https://thehackernews.com/2026/06/trump-order-sets-2030-deadline-for.html
161 640
⚡ A risky #GitHub Actions pattern is getting blocked by default.
Starting June 18, 2026, actions/checkout v7 will refuse common fork PR checkout patterns in privileged workflows.
See how the new checkout guardrail works: https://thehackernews.com/2026/06/github-updates-actionscheckout-to-block.html
The aim: reduce “pwn request” attacks that can expose secrets or a privileged GITHUB_TOKEN.
161 640
AI is moving from writing attacks to running parts of them.
Agentic AI can help automate recon, social engineering, exploit selection, and malware work with less human input.
The risk is not just speed. It is misplaced trust.
Read why it matters: https://thehackernews.com/2026/06/agentic-ai-weapon-that-no-longer-needs.html
161 640
Running IT for a fast-growing 700-person company with a lean team sounds like a recipe for SaaS chaos. Not for the Drata team.
Nudge Security sat down with Gordon Nhieu, Senior IT Manager at Drata recently to dive into how their team got visibility into shadow SaaS, scaled governance, and kept up with a fast-moving org in the AI era.
No slides. No sales pitch. Just a candid look at how one lean IT team is making it work.
https://thn.news/saas-sprawl-nudge
161 640
⚠️ A tiny npm package can hide a full malware chain.
Researchers found malicious npm packages posing as PostCSS/build tools that deploy a Windows RAT.
The malware uses JavaScript, PowerShell, VBS, and Python to steal Chrome credentials, run commands, and move files.
Read - https://thehackernews.com/2026/06/malicious-npm-packages-pose-as-postcss.html
161 640
A breach should not spread across the whole company.
That is the point of containment.
Even if attackers get in, the goal is to stop them from moving further.
The article explains how security teams and leading vendors are approaching that problem.
Read: https://awards.thehackernews.com/blog/assume-breach-containment-strategy/
161 640
🚨 That WhatsApp file from a trusted contact may not be safe.
A new VBS malware campaign is spreading through #WhatsApp Desktop/Web and installing ManageEngine Endpoint Central for remote access on Windows PCs.
Read the details: https://thehackernews.com/2026/06/whatsapp-vbscript-campaign-uses-fake.html
161 640
🔥 OpenAI is putting GPT-5.5-Cyber in defenders’ hands.
The model is being released through Daybreak to help trusted defenders find, validate, and patch software flaws.
#OpenAI is also launching Patch the Planet with Trail of Bits to support open-source projects like cURL, Python, Sigstore, and aiohttp.
Read - https://thehackernews.com/2026/06/openai-expands-daybreak-with-gpt-55.html
161 640
⚠️ ALERT - ShapedPlugin Pro plugins were backdoored through official #WordPress update channels.
The malware can steal credentials, 2FA codes, wp-config.php data, and #WooCommerce order details.
Read 🠖 https://thehackernews.com/2026/06/shapedplugin-wordpress-pro-plugins.html
161 640
🛑 Private AI chats crossed tenant lines.
Researchers found four DifyTap flaws in #Dify, the 146K-star agentic workflow platform.
The bugs could expose AI conversations across tenants and leak uploaded document previews.
Read 🠖 https://thehackernews.com/2026/06/researchers-detail-difytap-flaws-in.html
161 640
🤯 A 1997 parser bug is still haunting Squid.
Squidbleed (CVE-2026-47729) can leak another user’s cleartext HTTP request through a shared Squid proxy, including credentials or session tokens.
Read 🠖 https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html
161 640
⚡ AI-assisted social engineering has moved beyond the inbox.
Bobby Ford of Doppel says modern campaigns now span email, SMS, collaboration apps, social media, and paid ads — often as one attack chain.
The goal is no longer just blocking lures.
It is breaking the campaign earlier.
Read the full story: https://thehackernews.com/expert-insights/2026/06/beyond-blocking-disrupting-social.html
161 640
🚨 A fake Node.js download was the start of a real malware chain.
Elastic researchers found a new #malvertising campaign using Google Ads to deliver OXLOADER, a previously unreported loader that drops CastleStealer.
The payload was staged through Storj and built to avoid analysis.
Read: https://thehackernews.com/2026/06/new-oxloader-loader-uses-malicious.html
