اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
The Hacker News
رفتن به کانال در Telegram
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com
نمایش بیشتر📈 تحلیل کانال تلگرام The Hacker News
کانال The Hacker News (@thehackernews) در بخش زبانی انگلیسی بازیگری فعال است. در حال حاضر جامعه شامل 161 824 مشترک است و جایگاه 690 را در دسته فناوری و برنامهها و رتبه 111 را در منطقه الولايات المتحدة الأمريكية دارد.
📊 شاخصهای مخاطب و پویایی
از زمان ایجاد در невідомо، پروژه رشد سریعی داشته و 161 824 مشترک جذب کرده است.
بر اساس آخرین دادهها در تاریخ 18 ژوئن, 2026، کانال فعالیت پایداری دارد. در ۳۰ روز گذشته تغییر اعضا برابر -889 و در ۲۴ ساعت گذشته برابر 55 بوده و همچنان دسترسی گستردهای حفظ شده است.
- وضعیت تأیید: تأیید شده (به صورت رسمی توسط تلگرام)
- نرخ تعامل (ER): میانگین تعامل مخاطب 4.84% است و در ۲۴ ساعت نخست پس از انتشار، محتوا معمولاً 3.15% واکنش نسبت به کل مشترکان کسب میکند.
- دسترسی پستها: هر پست به طور میانگین 7 834 بازدید دریافت میکند. در اولین روز معمولاً 5 101 بازدید جمعآوری میشود.
- واکنشها و تعامل: مخاطبان بهطور فعال حمایت میکنند؛ میانگین واکنش به هر پست 18 است.
- علایق موضوعی: محتوا بر موضوعات کلیدی مانند attack, credential, cve-2026, github, backdoor تمرکز دارد.
📝 توضیح و سیاست محتوایی
نویسنده این فضا را محل بیان دیدگاههای شخصی توصیف میکند:
“⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.
📨 Contact: admin@thehackernews.com
🌐 Website: https://thehackernews.com”
به لطف بهروزرسانیهای پرتکرار (آخرین داده در تاریخ 19 ژوئن, 2026)، کانال همواره بهروز و دارای دسترسی بالاست. تحلیلها نشان میدهد مخاطبان بهطور فعال با محتوا تعامل دارند و آن را به نقطه اثرگذاری مهم در دسته فناوری و برنامهها تبدیل کردهاند.
161 824
مشترکین
+5524 ساعت
+1487 روز
-88930 روز
آرشیو پست ها
161 824
EDR bypass doesn’t always mean killing the agent.
A new technique called EDRChoker throttles EDR processes using Windows QoS policies, cutting bandwidth to 8 bits per second.
The agent may still run — but its server connection can time out, weakening telemetry and remote control.
Read more: https://thehackernews.com/2026/06/threatsday-bulletin-worm-code-leaked-ai.html#edr-telemetry-throttled
161 824
🛑 Your AI model upload could be hijacked before it even lands.
Researchers found a Google Vertex AI SDK flaw that let attackers pre-create a predictable bucket, intercept an ML model upload, and swap in a malicious model in under 2 seconds.
Read ➝ https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html
161 824
A clean-looking IP can still hide a real attack.
VPNs and residential proxies now appear in nearly every security incident, according to a Spur study of 200+ security practitioners.
The problem: many teams still lack the context to know who is behind the traffic — and what to do next.
Read the full story ➝ https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html
161 824
> fake security check
> copied PowerShell command
> then the malware starts
Researchers say ClickFix attacks are now delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and #ransomware-linked payloads.
You think they’re fixing a problem... but you're running the attack.
Read the full story ➝ https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html
161 824
Ungoverned agent identities act without human oversight, improperly use privileged access, and violate compliance policies, exposing organizations to real security and compliance risk.
AppViewX's new Agent Identity Security tackles it directly: discovering shadow agents, managing their lifecycle, enforcing privileged access, responding to agent-driven threats, and keeping compliance continuous.
Explore Agent Identity Security here: https://thn.news/ai-agent-security
#AIAgents #AIGovernance #AppViewX #AgentIdentitySecurity
161 824
🚨 A backdoor once thought to target #Linux has now moved to Windows.
ESET found two Windows versions of SprySOCKS, linked to a China-nexus espionage group.
One version uses kernel drivers to hide files, processes, registry keys, and network connections.
Read ➝ https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html
161 824
A fake Microsoft security alert
A ZIP attachment
A malicious shortcut inside
Researchers say North Korea-linked ScarCruft is using the lure to deploy NarwhalRAT, a Python RAT that can log keystrokes, capture screenshots, record audio, collect USB data, and use pCloud as a C2 channel.
Read ➝ https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html
161 824
⚠️ Cisco has released patches for a Catalyst SD-WAN Manager flaw now exploited in the wild.
CVE-2026-20262 lets an authenticated attacker with write access create or overwrite files on affected systems.
Cisco says exploitation is limited, but CISA added it to KEV and set a June 29 patch deadline.
Read: https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html
161 824
🚨 A shared hosting flaw just landed on CISA’s exploited list.
CVE-2026-54420 affects the LiteSpeed cPanel Plugin and can let a user with FTP or web shell access gain root on CloudLinux/CageFS servers.
Federal agencies must patch by June 18, 2026.
Read: https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html
161 824
🚨 A trusted cloud feature became a spying tool.
Google says China-linked hackers breached North American research networks via REDCap, then abused Google Workspace rules to secretly BCC emails matching nearly 150 keywords.
Read: https://thehackernews.com/2026/06/chinese-hackers-abused-google-workspace.html
161 824
⚡ Developers are being targeted where they work:
</> GitHub repos
</> VS Code projects
</> npm packages
</> Packagist
</> Crypto/Web3 lures
Researchers say North Korea-linked activity sent 250+ phishing emails to targets at nearly 100 organizations, aiming to steal credentials, wallet data, keys, and access.
Read ➝ https://thehackernews.com/2026/06/north-korean-hackers-are-turning.html
161 824
A first-day password can become a long-term security hole.
Many onboarding passwords are sent by email or SMS, reused, or never changed.
That gives attackers an easy way into corporate systems before anyone notices.
Read the full article: https://thehackernews.com/2026/06/the-onboarding-password-mistake-that.html
161 824
🚨 One weak LiteLLM account could take over an AI gateway.
A CVSS 9.9 flaw chain lets attackers become admin, run code, steal AI keys, read prompts, and tamper with AI agent responses.
Read the full story: https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html
161 824
🛑 One trusted Microsoft link could have been enough.
> No fake login page
> No password theft
> No second click
Researchers showed how 3 chained bugs in #Microsoft 365 Copilot Enterprise Search could let an attacker pull emails, calendar data, indexed files, and one-time codes.
See how the attack worked: https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html
161 824
AI workloads are scaling rapidly across cloud environments, giving security teams better visibility into what that means for cloud operations, development workflows, and security strategy.
On June 16 at 12:00 PM ET, Wiz Research will break down key findings from the State of AI in the Cloud 2026 report.
You’ll learn:
🔸 Where AI adoption is growing fastest
🔸 How AI changes cloud identity, data, and infrastructure risk
🔸 How attackers use AI to find and exploit misconfigurations faster
Save your spot ➝ https://thn.news/cloud-security-reshaping
161 824
> A clean-looking GitHub repo.
> A poisoned npm package.
> A new cross-platform RAT.
Researchers found SStar Agent targeting Windows and #macOS through a fake Web3 developer take-home test.
Windows builds add keylogging, clipboard monitoring, and remote control. macOS builds focus on recon and data theft.
Read: https://thehackernews.com/2026/06/threatsday-bulletin-worm-code-leaked-ai.html#cross-platform-rat-emerges
161 824
This week’s cyber recap is stacked:
🌐 Chrome 0-day exploited
🏛️ Oracle PeopleSoft hit
🐧 Arch AUR packages poisoned
🔐 Check Point VPN attacks
📡 UniFi flaws exploited
🎣 Major phishing kit takedown
🤖 AI brands used as bait
🍎 #macOS fake installers
📦 npm/PyPI malware
📱 #Android adware
☁️ Cloud logging abuse risks
🕵️ RAT using Google Sheets
💾 Ransomware data exfil tricks
Plus urgent CVEs, tools, and expert webinars.
Read here: https://thehackernews.com/2026/06/weekly-recap-chrome-0-day-unifi.html
161 824
🚨 The biggest Shadow AI risk may not be a new tool.
It may be an AI feature quietly added to software your company already approved.
Security teams now need to know where AI is active, what data it can access, and what employees are putting into it.
The piece uses 🏆 award-winning solutions as examples of how security vendors are approaching the problem.
Read the full article: https://awards.thehackernews.com/blog/shadow-ai-the-hidden-risk/
161 824
⚠️ Your browser’s new tab page can be turned into an ad-fraud machine.
Researchers found 152 Chrome wallpaper extensions, spread across 38 publisher accounts and 105,000 installs, linked to adware and fake Google traffic.
Details here ➝ https://thehackernews.com/2026/06/152-chrome-wallpaper-extensions-with.html
161 824
Runtime scanners may catch the attack.
But often, the bad package has already entered your CI/CD pipeline.
Jonny Rivera of ActiveState explains why supply chain security needs to move upstream — to the moment a dependency is downloaded, before unvetted code gets in.
Read the full article: https://thehackernews.com/expert-insights/2026/06/why-runtime-scanning-is-too-late-for.html
