New GPU Breach Attack, Medusa Ransomware Using 0-Days, Flowise AI Exploitation

THN Daily Updates Webinar ➞ Patient Zero Playbook: Threat Trends + Best Practices to Prevent the Next Incident Attackers are moving faster, using AI-assisted phishing, malware over HTTPS, and data-theft-first ransomware that signature-based tools simply can't catch. This session breaks down how these evasive threats gain their initial foothold -- and the Zero Trust controls security leaders can apply to stop them. Download Now Sponsored LATEST NEWS Apr 7, 2026 The Hidden Cost of Recurring Credential Incidents When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. ... Read More New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of a&nb... Read More ICS/OT Pentesting That Won't Shut Down Your Plant — SANSFIRE 2026 ICS613 teaches safe, effective OT assessments with real Crown Jewel targets. D.C., July 13–18. Read More China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into sus... Read More Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59... Read More Why AI Does Not Need to be Innovative to be Dangerous AI-driven attacks optimize mediocrity in standardized environments, lowering costs to $5 per attack and raising SMB victimization risk. Read More Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity,... Read More DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in Sou... Read More Webinar ➞ Patient Zero Playbook: Threat Trends + Best Practices to Prevent the Next Incident Attackers are moving faster, using AI-assisted phishing, malware over HTTPS, and data-theft-first ransomware that signature-based tools simply can't catch. This session breaks down how these evasive threats gain their initial foothold -- and the Zero Trust controls security leaders can apply to stop them. Download Now Sponsored This email was sent to edwardlorilla1998.tower@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi