uk
Feedback
The Hacker News

The Hacker News

Відкрити в Telegram

⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com

Показати більше

📈 Аналітичний огляд Telegram-каналу The Hacker News

Канал The Hacker News (@thehackernews) у мовному сегменті Англійська є активним учасником. На даний момент спільнота об'єднує 161 564 підписників, посідаючи 693 місце в категорії Технології та додатки та 107 місце у регіоні США.

📊 Показники аудиторії та динаміка

З моменту свого створення невідомо, проект продемонстрував стрімке зростання, зібравши аудиторію у 161 564 підписників.

За останніми даними від 30 червня, 2026, канал демонструє стабільну активність. Хоча за останні 30 днів спостерігається зміна кількості учасників на -378, а за останні 24 години на -15, загальне охоплення залишається високим.

  • Статус верифікації: Верифікований (Офіційно підтверджено Telegram)
  • Рівень залученості (ER): Середній показник залученості аудиторії становить 4.61%. Протягом перших 24 годин після публікації контент зазвичай збирає 3.08% реакцій від загальної кількості підписників.
  • Охоплення публікацій: В середньому кожен допис отримує 7 453 переглядів. Протягом першої доби публікація в середньому набирає 4 977 переглядів.
  • Реакції та взаємодія: Аудиторія активно підтримує контент: середня кількість реакцій на один пост – 14.
  • Тематичні інтереси: Контент зосереджений навколо ключових тем, таких як attack, credential, cve-2026, github, backdoor.

📝 Опис та контентна політика

Автор описує ресурс як майданчик для висловлення суб'єктивної думки:
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com

Завдяки високій частоті оновлень (останні дані отримано 01 липня, 2026), канал підтримує актуальність та високий рівень охоплення публікацій. Аналітика показує, що аудиторія активно взаємодіє з контентом, що робить його важливою точкою впливу в категорії Технології та додатки.

161 564
Підписники
-1524 години
-907 днів
-37830 день
Архів дописів
⚠️ Microsoft is warning about a new way AI agents can be manipulated through MCP tools. The issue is not a broken rule or a s
⚠️ Microsoft is warning about a new way AI agents can be manipulated through MCP tools. The issue is not a broken rule or a software bug. A malicious tool description can hide instructions that make an agent collect company data, such as unpaid invoices, and send it out through a normal-looking tool call. Details here: https://thehackernews.com/2026/06/microsoft-warns-poisoned-mcp-tool.html

🛑 A new RustDuck botnet is turning routers, cameras, Android boxes, and poorly secured servers into DDoS nodes. It spreads t
🛑 A new RustDuck botnet is turning routers, cameras, Android boxes, and poorly secured servers into DDoS nodes. It spreads through weak Telnet/SSH logins, exposed ADB, and old flaws, while its newer core is being rewritten in Rust. Details 🠒 https://thehackernews.com/2026/06/rustduck-botnet-rebuilds-in-rust-to.html

🚨 CVE-2026-33017 is being exploited against Langflow. Attackers abuse an unauthenticated API endpoint to run Python code, dr
🚨 CVE-2026-33017 is being exploited against Langflow. Attackers abuse an unauthenticated API endpoint to run Python code, drop Lambsys, and launch a Monero miner. Lambsys can spread via reused SSH keys. Langflow attack chain: https://thehackernews.com/2026/06/langflow-rce-exploited-to-deploy-monero.html

⚠️ A fake “Google Notes” extension is swapping #cryptocurrency wallet addresses inside Chromium browsers. Experts call it "Si
⚠️ A fake “Google Notes” extension is swapping #cryptocurrency wallet addresses inside Chromium browsers. Experts call it "Silent Swap" Unsigned .NET and Golang installers inject the extension, alter browser preference files, and use EtherHiding to rotate C2. Details here ➝ https://thehackernews.com/2026/06/silent-swap-crypto-clipper-uses-fake.html

🛑 Old shell tricks didn’t die. They found a new target 🠒 AI coding agents. Researchers shows how Bash parsing can slip past
🛑 Old shell tricks didn’t die. They found a new target 🠒 AI coding agents. Researchers shows how Bash parsing can slip past weak text-based command guards, letting r''m become rm before execution. GuardFall bypass worked on 10 of 11 open-source agents tested. Read how it works: https://thehackernews.com/2026/06/guardfall-exposes-open-source-ai-coding.html

🛑 A leaked AI key is not just a secret anymore. It is a running bill. Researchers tested 444 iOS AI chatbot apps. Over 250 e
🛑 A leaked AI key is not just a secret anymore. It is a running bill. Researchers tested 444 iOS AI chatbot apps. Over 250 exposed paid LLM access through network traffic. > Plaintext keys > Replayable tokens > Open backend proxies with no auth Read the THN report: https://thehackernews.com/2026/06/282-ios-apps-found-leaking-llm-api-keys.html

Fraud infrastructure for FIFA World Cup 2026 was already in place before June 11 kickoff. Check Point saw 60x spike in fake s
Fraud infrastructure for FIFA World Cup 2026 was already in place before June 11 kickoff. Check Point saw 60x spike in fake sportsbook apps (64 samples) + large-scale travel/phishing domains, some with MX set for email interception. Full report: https://thehackernews.com/2026/06/what-numbers-say-about-fifa-2026-cyber.html

🛑 SimpleHelp RMM CVE-2026-48558 exploited for OIDC authentication bypass. Attackers gain technician sessions to deploy TaskW
🛑 SimpleHelp RMM CVE-2026-48558 exploited for OIDC authentication bypass. Attackers gain technician sessions to deploy TaskWeaver and Djinn Stealer. Djinn Stealer targets cloud, code, AI tools, browsers, SSH, and wallets. Read the full story: https://thehackernews.com/2026/06/attackers-exploit-simplehelp-cve-2026.html

🚨 Nearby file sharing has a local blind spot. Researchers found six flaws in AirDrop and Quick Share that can crash sharing
🚨 Nearby file sharing has a local blind spot. Researchers found six flaws in AirDrop and Quick Share that can crash sharing services, bypass Samsung session checks, and trigger a crash in Google’s Windows app. Apple and Google have started fixes. Read: https://thehackernews.com/2026/06/airdrop-and-quick-share-flaws-let.html

🎮 Tell an AI browser it’s just playing a game. Researchers say "BioShocking" tricked six AI agents, including #ChatGPT Atlas
🎮 Tell an AI browser it’s just playing a game. Researchers say "BioShocking" tricked six AI agents, including #ChatGPT Atlas, Comet, and #Claude, into copying GitHub SSH credentials from a signed-in session. Read how the attack chain worked: https://thehackernews.com/2026/06/new-bioshocking-attack-tricks-ai.html

⚠️ Public PoC is out for CVE-2026-8037, a critical Progress Kemp LoadMaster API flaw. It lets unauthenticated attackers run r
⚠️ Public PoC is out for CVE-2026-8037, a critical Progress Kemp LoadMaster API flaw. It lets unauthenticated attackers run root commands when the API is enabled. Patch now. Restrict API exposure. Full story: https://thehackernews.com/2026/06/progress-kemp-loadmaster-flaw-could-let.html

⚡ Apple patched WebKit bugs found with AI tools. The updates fix 30+ flaws across: > iOS 26.5.2 > macOS Tahoe 26.5.2 > Safari
⚡ Apple patched WebKit bugs found with AI tools. The updates fix 30+ flaws across: > iOS 26.5.2 > macOS Tahoe 26.5.2 > Safari 26.5.2 The fixes include WebKit CVEs, sandbox issues, and kernel-level bugs. Details: https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html

🚨 Oracle E-Business Suite has a new active exploitation problem. CVE-2026-46817 is a CVSS 9.8 flaw in Oracle Payments that c
🚨 Oracle E-Business Suite has a new active exploitation problem. CVE-2026-46817 is a CVSS 9.8 flaw in Oracle Payments that can allow unauthenticated HTTP takeover. No public PoC. Attribution unknown. Read the full report: https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html

🛑 The extension did not need to steal passwords to be dangerous. Microsoft found a fake #Perplexity Chrome extension that lo
🛑 The extension did not need to steal passwords to be dangerous. Microsoft found a fake #Perplexity Chrome extension that logged searches and address bar input before redirecting users to real results. How it worked, and what users should check: https://thehackernews.com/2026/06/malicious-perplexity-chrome-extension.html

🔥 #WhatsApp is finally getting usernames. The app has started global username reservations before a wider rollout later this
🔥 #WhatsApp is finally getting usernames. The app has started global username reservations before a wider rollout later this year. So people can message each other without handing over a phone number. Details here: https://thehackernews.com/2026/06/whatsapp-is-finally-getting-usernames.html

⚡ DirtyClone leads the week, but the rest of the queue is ugly: 🐧 Linux root bug 🚨 PTC exploited 🍎 Gaslight malware 🎯 Tur
⚡ DirtyClone leads the week, but the rest of the queue is ugly: 🐧 Linux root bug 🚨 PTC exploited 🍎 Gaslight malware 🎯 Turla backdoor 🧹 StealC takedown 🤖 Agent prompt injection 🕵️ New infostealers 📺 DVR proxy abuse 🧩 Urgent CVEs Full recap: https://thehackernews.com/2026/06/weekly-recap-linux-kernel-flaws-ai.html

⚠️ Mustang Panda hid C2 in cloud traffic. Acronis says the China-aligned group abused Zoho WorkDrive as a command channel in
⚠️ Mustang Panda hid C2 in cloud traffic. Acronis says the China-aligned group abused Zoho WorkDrive as a command channel in campaigns against Indian government and hydropower targets. ZOHOMURK read commands from an inbox folder and wrote stolen output to an outbox. Read 🠖 https://thehackernews.com/2026/06/mustang-panda-uses-zoho-workdrive-as.html

Your encrypted credentials may not stay encrypted forever. Attackers can harvest them now, store them, and decrypt them later
Your encrypted credentials may not stay encrypted forever. Attackers can harvest them now, store them, and decrypt them later when quantum hardware catches up. That is why post-quantum migration should start with long-lived credentials and machine identities. Read the full story: https://thehackernews.com/2026/06/why-post-quantum-cryptography-starts.html

🛑 EvilTokens hides account takeover risk from your SOC. Static URL analysis misses it as the phishing page appears only afte
🛑 EvilTokens hides account takeover risk from your SOC. Static URL analysis misses it as the phishing page appears only after browser-side decryption. Avoid visibility gaps and accelerate response by uncovering the full attack flow in 1 min. Read ➝ https://thn.news/ghost-analysis-2023

🛑 236,493 scam domains. Experts say DCloud Uni-App templates are being used to run fake crypto exchanges, #WhatsApp phishing
🛑 236,493 scam domains. Experts say DCloud Uni-App templates are being used to run fake crypto exchanges, #WhatsApp phishing, gambling scams, and wallet drainers. Read the full story ➝ https://thehackernews.com/2026/06/236000-dcloud-uni-app-sites-used-in.html

The Hacker News - Статистика та аналітика Telegram каналу @thehackernews