Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
The Hacker News
Відкрити в Telegram
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com
Показати більше📈 Аналітичний огляд Telegram-каналу The Hacker News
Канал The Hacker News (@thehackernews) у мовному сегменті Англійська є активним учасником. На даний момент спільнота об'єднує 161 778 підписників, посідаючи 699 місце в категорії Технології та додатки та 117 місце у регіоні США.
📊 Показники аудиторії та динаміка
З моменту свого створення невідомо, проект продемонстрував стрімке зростання, зібравши аудиторію у 161 778 підписників.
За останніми даними від 04 червня, 2026, канал демонструє стабільну активність. Хоча за останні 30 днів спостерігається зміна кількості учасників на -1 302, а за останні 24 години на -28, загальне охоплення залишається високим.
- Статус верифікації: Верифікований (Офіційно підтверджено Telegram)
- Рівень залученості (ER): Середній показник залученості аудиторії становить 5.28%. Протягом перших 24 годин після публікації контент зазвичай збирає 3.32% реакцій від загальної кількості підписників.
- Охоплення публікацій: В середньому кожен допис отримує 8 537 переглядів. Протягом першої доби публікація в середньому набирає 5 375 переглядів.
- Реакції та взаємодія: Аудиторія активно підтримує контент: середня кількість реакцій на один пост – 15.
- Тематичні інтереси: Контент зосереджений навколо ключових тем, таких як attack, credential, cve-2026, github, backdoor.
📝 Опис та контентна політика
Автор описує ресурс як майданчик для висловлення суб'єктивної думки:
“⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.
📨 Contact: admin@thehackernews.com
🌐 Website: https://thehackernews.com”
Завдяки високій частоті оновлень (останні дані отримано 05 червня, 2026), канал підтримує актуальність та високий рівень охоплення публікацій. Аналітика показує, що аудиторія активно взаємодіє з контентом, що робить його важливою точкою впливу в категорії Технології та додатки.
161 778
Підписники
-2824 години
-3027 днів
-1 30230 день
Архів дописів
161 778
⚠️ Hackers are taking over #WordPress sites through a form plugin.
The bug is in Everest Forms Pro and lets unauthenticated attackers run code, create admin accounts, and plant web shells.
Update to v1.9.13 now.
Get the full details ➝ https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html
161 778
🛑 Your World Cup 2026 ticket could be gone before the first whistle.
4,300+ Fake ⚽ #FIFA sites are already live.
> Some steal logins
> Some sell fake tickets
> Some hide banking #malware inside streaming apps
Scammers are using ads, search results, Telegram, WhatsApp, and cloned sites.
If you plan to follow the #FIFAFever, read this first: https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html
161 778
🚨 Hackers turned hijacked cloud servers into a hidden email-sending network.
AWS. Google Cloud. Azure.
PCPJack tested which hosts could send mail, kept the working ones, and synced the proxy list every 5 minutes. What they planned to use it for is still unknown.
The setup was still live when found.
Learn more: https://thehackernews.com/2026/06/pcpjack-hijacks-230-aws-google-cloud.html
161 778
Agentic AI can accelerate defense decisions — but only if the infrastructure is secure.
In classified environments: poisoned data, unauthorized access, and broken domain boundaries can break trust fast.
One frontier model was accessed within hours of preview.
Security must be built in from day one.
Read why it matters: https://thehackernews.com/2026/06/agentic-ai-is-transforming-defense-but.html
161 778
🚨 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.
CVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.
Fix: 14SU6 / COP / 15SU5, or kill WebDialer.
Read: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html
161 778
🚨 One malicious GitHub issue could hijack Anthropic’s #ClaudeCode Action and turn prompt injection into repo write access.
In agent mode, a crafted issue could leak OIDC-related workflow credentials that attackers could replay.
The bypass trusted [bot] actors. Fixed in v1.0.94. Audit your workflows.
Details ➝ https://thehackernews.com/2026/06/claude-code-github-action-flaw-let-one.html
161 778
Most teams manage open source software by reaction. Get certified to govern it.
Open source software powers 98% of applications, yet most teams manage it by reaction, not design. This free, self-paced certification shows you how open-source dependencies enter your software supply chain, how to remediate vulnerabilities, and how to govern what reaches your environment.
Get certified for free: https://thn.news/activestate-security
161 778
ThreatsDay Bulletin is out.
🔧 ClickFix Tricks
🕵️ Sketchy C2 Tools
📜 JS Backdoors
🎮 Steam Profile Payloads
🤖 AI Agents Breaking Prod
🐧 Old Linux Bugs Back Again
📦 RubyGems Cooldown
📞 Android Scam Defense
... and many more new stories.
But same lesson as always ➝ patch faster, trust less, watch the weird edges.
Read the recap: https://thehackernews.com/2026/06/threatsday-bulletin-ai-agents-gone.html
161 778
🚨 China-linked cybercrime group TA4922 is expanding phishing attacks beyond East Asia, targeting organizations in the UK, Germany, Italy, and South Africa.
The campaigns use HR, tax, and invoice lures to deploy:
🔹 Atlas RAT
🔹 RomulusLoader (New)
🔹 SilentRunLoader (New)
Details: https://thehackernews.com/2026/06/china-linked-ta4922-expands-phishing.html
161 778
⚡ Skip investigation roadblocks with verified threat intelligence
Get insights from 15K+ SOC teams and 600K+ security professionals to make confident decisions faster.
Integrate TI Lookup for instant context ➝ https://thn.news/threat-intel-lookup
161 778
🛑 Google and YouTube ads are delivering FlutterShell, a new #macOS backdoor that passed Apple notarization with valid Developer IDs.
The malware can hijack Chrome traffic, run shell commands, alter files, and update its behavior from attacker servers.
Read: https://thehackernews.com/2026/06/fluttershell-backdoor-spreads-to-macos.html
161 778
🚨 Fake sites mimicking Ghidra, dnSpy, and SpiderFoot are ranking in Google searches to deliver malware.
They show real download URLs on hover, but clicks route users through a gated TDS to Remus Stealer, AnimateClipper, and SessionGate.
Learn more: https://thehackernews.com/2026/06/fake-sites-mimicking-open-source-tools.html
161 778
🚨 Hackers spent 5 MONTHS quietly copying a senior executive’s Outlook mailbox at a major Global Stock Exchange.
They ran with SYSTEM privileges and used a custom tool based on the legitimate Aspose library to export emails in small batches, routing the data through Dropbox and OneDrive to blend in with normal traffic.
Learn more: https://thehackernews.com/2026/06/hackers-spied-on-stock-exchange.html
161 778
🚨 Attackers are actively exploiting CVE-2026-45247, a critical Magento RCE flaw in Mirasvit Cache Warmer.
CISA added it to KEV. The bug scores 9.8 CVSS and allows unauthenticated PHP code execution via crafted CacheWarmer cookies.
Patch before June 6.
Read: https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html
161 778
🇺🇸 U.S. authorities and tech companies disrupted major Southeast Asian cyber fraud networks.
DoJ’s “Disruption Week” hit 1.4M+ #Facebook, #Instagram accounts, 20,000 Microsoft accounts, thousands of #Starlink kits, and froze $3.8 M+ in crypto.
Seven arrests were made in Thailand. Scams cost Americans $7.2 B+ in 2025.
Read: https://thehackernews.com/2026/06/doj-disrupts-southeast-asia-crypto.html
161 778
⚠️ Phishing is turning into insider threats.
Stolen credentials let attackers use legitimate access and blend in. Most tools miss it because the activity looks normal.
This article shows how to detect these connected risks with unified monitoring and practical techniques.
Read: https://thehackernews.com/expert-insights/2026/06/detecting-phishing-and-insider-threats.html
161 778
⚠️ Poisoned #WhatsApp, Slack, or SMS notifications could hijack Google Gemini on Android.
No malicious app needed.
A single alert could make #Gemini fake messages, trigger actions, join Zoom calls, or poison memory.
Read details: https://thehackernews.com/2026/06/whatsapp-slack-notifications-could.html
161 778
What would your IT team do with 150 extra hours a month?
Join Jamf and Tines_hq to learn how Jamf automated phishing reporting, employee notifications, FileVault key recovery, and more, while reducing manual IT work and accelerating response times.
📅 July 10, 11 AM ET
🎓 Earn up to 1.0 CPE credit for attending live
Register: https://thn.news/tines-it-automation
161 778
Hackers are abusing Google DoubleClick to bypass security tools and deliver DesckVB RAT via personalized phishing pages using victim company branding and location.
The .NET trojan establishes persistence and gives attackers full machine control.
Read ➝ https://thehackernews.com/2026/06/google-doubleclick-abused-in-new.html
161 778
🚨 A single debug flag left on in production exposed BILLIONS of Microsoft 365 Android users.
Any app on the same phone could silently steal your signed-in account token — and access email, files, calendar, and send messages without any prompt.
The "FlagLeft" bug hit Word, Excel, PowerPoint, Copilot, Loop, and OneNote. Microsoft has fixed it.
Update them now.
Details: https://thehackernews.com/2026/06/microsoft-365-android-apps-let-any-app.html
