Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
The Hacker News
Kanalga Telegram’da o‘tish
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: admin@thehackernews.com 🌐 Website: https://thehackernews.com
Ko'proq ko'rsatish📈 Telegram kanali The Hacker News analitikasi
The Hacker News (@thehackernews) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 161 778 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 699-o'rinni va AQSH mintaqasida 117-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 161 778 obunachiga ega bo‘ldi.
04 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni -1 302 ga, so‘nggi 24 soatda esa -28 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlangan (Telegram tomonidan rasmiy tasdiq)
- Jalb etish (ER): Auditoriya o‘rtacha 5.28% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 3.32% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 8 537 marta ko‘riladi; birinchi sutkada odatda 5 375 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 15 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent attack, credential, cve-2026, github, backdoor kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.
📨 Contact: admin@thehackernews.com
🌐 Website: https://thehackernews.com”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 05 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
161 778
Obunachilar
-2824 soatlar
-3027 kunlar
-1 30230 kunlar
Postlar arxiv
161 778
⚠️ Hackers are taking over #WordPress sites through a form plugin.
The bug is in Everest Forms Pro and lets unauthenticated attackers run code, create admin accounts, and plant web shells.
Update to v1.9.13 now.
Get the full details ➝ https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html
161 778
🛑 Your World Cup 2026 ticket could be gone before the first whistle.
4,300+ Fake ⚽ #FIFA sites are already live.
> Some steal logins
> Some sell fake tickets
> Some hide banking #malware inside streaming apps
Scammers are using ads, search results, Telegram, WhatsApp, and cloned sites.
If you plan to follow the #FIFAFever, read this first: https://thehackernews.com/2026/06/fifa-world-cup-2026-scams-are-already.html
161 778
🚨 Hackers turned hijacked cloud servers into a hidden email-sending network.
AWS. Google Cloud. Azure.
PCPJack tested which hosts could send mail, kept the working ones, and synced the proxy list every 5 minutes. What they planned to use it for is still unknown.
The setup was still live when found.
Learn more: https://thehackernews.com/2026/06/pcpjack-hijacks-230-aws-google-cloud.html
161 778
Agentic AI can accelerate defense decisions — but only if the infrastructure is secure.
In classified environments: poisoned data, unauthorized access, and broken domain boundaries can break trust fast.
One frontier model was accessed within hours of preview.
Security must be built in from day one.
Read why it matters: https://thehackernews.com/2026/06/agentic-ai-is-transforming-defense-but.html
161 778
🚨 No auth required ... a crafted web request to Cisco Unified CM can write files to the OS and open a path to root.
CVE-2026-20230 patch is out, PoC exploit is public, and no attacks yet. Only bites if WebDialer is ON.
Fix: 14SU6 / COP / 15SU5, or kill WebDialer.
Read: https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html
161 778
🚨 One malicious GitHub issue could hijack Anthropic’s #ClaudeCode Action and turn prompt injection into repo write access.
In agent mode, a crafted issue could leak OIDC-related workflow credentials that attackers could replay.
The bypass trusted [bot] actors. Fixed in v1.0.94. Audit your workflows.
Details ➝ https://thehackernews.com/2026/06/claude-code-github-action-flaw-let-one.html
161 778
Most teams manage open source software by reaction. Get certified to govern it.
Open source software powers 98% of applications, yet most teams manage it by reaction, not design. This free, self-paced certification shows you how open-source dependencies enter your software supply chain, how to remediate vulnerabilities, and how to govern what reaches your environment.
Get certified for free: https://thn.news/activestate-security
161 778
ThreatsDay Bulletin is out.
🔧 ClickFix Tricks
🕵️ Sketchy C2 Tools
📜 JS Backdoors
🎮 Steam Profile Payloads
🤖 AI Agents Breaking Prod
🐧 Old Linux Bugs Back Again
📦 RubyGems Cooldown
📞 Android Scam Defense
... and many more new stories.
But same lesson as always ➝ patch faster, trust less, watch the weird edges.
Read the recap: https://thehackernews.com/2026/06/threatsday-bulletin-ai-agents-gone.html
161 778
🚨 China-linked cybercrime group TA4922 is expanding phishing attacks beyond East Asia, targeting organizations in the UK, Germany, Italy, and South Africa.
The campaigns use HR, tax, and invoice lures to deploy:
🔹 Atlas RAT
🔹 RomulusLoader (New)
🔹 SilentRunLoader (New)
Details: https://thehackernews.com/2026/06/china-linked-ta4922-expands-phishing.html
161 778
⚡ Skip investigation roadblocks with verified threat intelligence
Get insights from 15K+ SOC teams and 600K+ security professionals to make confident decisions faster.
Integrate TI Lookup for instant context ➝ https://thn.news/threat-intel-lookup
161 778
🛑 Google and YouTube ads are delivering FlutterShell, a new #macOS backdoor that passed Apple notarization with valid Developer IDs.
The malware can hijack Chrome traffic, run shell commands, alter files, and update its behavior from attacker servers.
Read: https://thehackernews.com/2026/06/fluttershell-backdoor-spreads-to-macos.html
161 778
🚨 Fake sites mimicking Ghidra, dnSpy, and SpiderFoot are ranking in Google searches to deliver malware.
They show real download URLs on hover, but clicks route users through a gated TDS to Remus Stealer, AnimateClipper, and SessionGate.
Learn more: https://thehackernews.com/2026/06/fake-sites-mimicking-open-source-tools.html
161 778
🚨 Hackers spent 5 MONTHS quietly copying a senior executive’s Outlook mailbox at a major Global Stock Exchange.
They ran with SYSTEM privileges and used a custom tool based on the legitimate Aspose library to export emails in small batches, routing the data through Dropbox and OneDrive to blend in with normal traffic.
Learn more: https://thehackernews.com/2026/06/hackers-spied-on-stock-exchange.html
161 778
🚨 Attackers are actively exploiting CVE-2026-45247, a critical Magento RCE flaw in Mirasvit Cache Warmer.
CISA added it to KEV. The bug scores 9.8 CVSS and allows unauthenticated PHP code execution via crafted CacheWarmer cookies.
Patch before June 6.
Read: https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html
161 778
🇺🇸 U.S. authorities and tech companies disrupted major Southeast Asian cyber fraud networks.
DoJ’s “Disruption Week” hit 1.4M+ #Facebook, #Instagram accounts, 20,000 Microsoft accounts, thousands of #Starlink kits, and froze $3.8 M+ in crypto.
Seven arrests were made in Thailand. Scams cost Americans $7.2 B+ in 2025.
Read: https://thehackernews.com/2026/06/doj-disrupts-southeast-asia-crypto.html
161 778
⚠️ Phishing is turning into insider threats.
Stolen credentials let attackers use legitimate access and blend in. Most tools miss it because the activity looks normal.
This article shows how to detect these connected risks with unified monitoring and practical techniques.
Read: https://thehackernews.com/expert-insights/2026/06/detecting-phishing-and-insider-threats.html
161 778
⚠️ Poisoned #WhatsApp, Slack, or SMS notifications could hijack Google Gemini on Android.
No malicious app needed.
A single alert could make #Gemini fake messages, trigger actions, join Zoom calls, or poison memory.
Read details: https://thehackernews.com/2026/06/whatsapp-slack-notifications-could.html
161 778
What would your IT team do with 150 extra hours a month?
Join Jamf and Tines_hq to learn how Jamf automated phishing reporting, employee notifications, FileVault key recovery, and more, while reducing manual IT work and accelerating response times.
📅 July 10, 11 AM ET
🎓 Earn up to 1.0 CPE credit for attending live
Register: https://thn.news/tines-it-automation
161 778
Hackers are abusing Google DoubleClick to bypass security tools and deliver DesckVB RAT via personalized phishing pages using victim company branding and location.
The .NET trojan establishes persistence and gives attackers full machine control.
Read ➝ https://thehackernews.com/2026/06/google-doubleclick-abused-in-new.html
161 778
🚨 A single debug flag left on in production exposed BILLIONS of Microsoft 365 Android users.
Any app on the same phone could silently steal your signed-in account token — and access email, files, calendar, and send messages without any prompt.
The "FlagLeft" bug hit Word, Excel, PowerPoint, Copilot, Loop, and OneNote. Microsoft has fixed it.
Update them now.
Details: https://thehackernews.com/2026/06/microsoft-365-android-apps-let-any-app.html
