All News

The Hacker News

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ8l0NucKedkyhQLr7E5BKEvF8JlDztA0fBd3dL1lku0PJHK4PqEpa1mkpxpWhYKq4MpxuL1fr9p6NbpkU8GfhFTct25hVf6bMPsTJDTfQz71Y_aQD0gv0ln0gYFDYMEbTQ1s-52sSJz0OgoVjhaDkq1TExIJzTdIrLUjmZPwe1tzKEHDO_7-JKV9_BDRQ/s790-rw-e365/1000046762.jpg

The Hacker News

January 10, 2026

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

MuddyWater launched RustyWater, a Rust-based RAT, via spear-phishing Word macros targeting Middle East organizations.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2wiOQx_WqaJOurFU70JNrticSZpssdRy9WR9QT13NyeILmm4U_apbN1YxO-67pfJqcF-z1SuLhcNagwr2FJXlvWz_wRa2CLxWZc6pPvEe60nCQKm8mek1mabnBvfkpNnZSe8CzwERR3wPp18oH48tZ9TXSnMYf_PIvBUAC0-mbdCrC6Q7yafFVfQxfQU2/s790-rw-e365/euro.jpg

The Hacker News

January 10, 2026

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol says 34 Black Axe members were arrested in Spain, linked to €5.93 million in fraud and other organized crimes.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhm8E9a8qNOO2_xOS89H3cvGDWPpRKo2WRFf41jVFbT6TGf62B4tUg2HJVFblopdAftu8NYjNO-S2MF-_VOr6mHghokD_zhl8Ybf-H8XLhw5_E4tDfkvIfjltzVwsOo-BK731rpbx2-eClOz4yN3Nw8nHXZaRo9ATkbzTLNIP9j7OaeHCdebT_S8uXri6Iu/s790-rw-e365/vmware.jpg

The Hacker News

January 9, 2026

Chinese-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain hypervisor cont...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPdxYSMtSRuI2tUw5WuEtdO7TqxIsOINGF4_fEo5tCu78MNzrwXQPUVmuZPWjwk6VAHCt29c0WZLtSIQmTs-q79mulS-aNjqP20AlLb3BaGBh6lOzt5m8zQmsea2F95byJfOqgwYg6kCD_d5g7D8B9afT7rDpXjwtakUOsj6xlN_ybZ7hcxQPzLuihZ7qx/s790-rw-e365/cyberattack.jpg

The Hacker News

January 9, 2026

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian-linked APT28 ran credential-harvesting attacks in 2025 using fake Microsoft, Google, and VPN login pages, PDF lures, and legitimate...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb9QOohRkPHWLUduOVvPGl5O_7XAUwKm4ThV8HIuMnOeD_LLaQ9fhnSRr-DuZgzW79qBoSL0qAt222iAkunN6xDmpH-qRuz-yLH4aEe-wrRODBMGw2_qHkSdriRXYRIWKJeA-Ux2ZYOwWucjY-D-90RnkG3SAcl5rA6bVg2kebUFnay6GRy92TxaIYnkr4/s790-rw-e365/cybersecurity.jpg

The Hacker News

January 9, 2026

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can't)

Bitdefender webinar uses real-world research to identify which 2026 cybersecurity predictions matter, covering ransomware and AI risks.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0g-pVmmuKjF27CaQySVEJl4oMN20t271uPWVmcHbp8d_gF6yHehH-MvQAsQJ6H6-S9POiKFiUQUfjBIpbgQ8pP8ERTQK-tVtNAhrhTE8qWaNW8wAnE26o8eDpZrWHzsLdktcyS9Wrei5cx2FYVhnbJkUuWss7SSP2khMfwODaOWBxXnR5OsUvsZlBuToN/s790-rw-e365/trendmicro.jpg

The Hacker News

January 9, 2026

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS 9.8 that allows remote code execution if access...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBCJIhk0qjfbnm2KUB13dO9l_HbxQUx1WXqRM3iJ1SV7mQ5qG2RsPvgt-hB71cNpf5rmqc4JxpFdw275-lhmjzXJ5xyFC4J0R8dqBIOwe448TFZoM2MSmZu2hsczUAQExdXSXSa3P4tbpKylIL6zNeQzIiL5mfL2OUZaboeu_xjF4e6fzwTPcL-MJIp4w7/s790-rw-e365/cisa-dir.jpg

The Hacker News

January 9, 2026

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

CISA has closed 10 emergency cybersecurity directives issued between 2019 and 2024 after required actions were completed and enforced under...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgse_7aGT72WMfI84aD05FVQShHvmKX2cLQnvrpoCSDCmVuArEHaqVjxxzESK58K9zsdB6q5T3uDSwEZrwfEd42kD1daVt-o12gjKLGqoiKiAH29poW0nn5CuhjjLIa69jGl4Xg7bw7wBtm8At9D6aJxUxg53c2kvH9GSjH-XQNvASYWI2om8Ic76fGaPXt/s790-rw-e365/qrcodes.jpg

The Hacker News

January 9, 2026

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

FBI warns Kimsuky hackers linked to North Korea are using malicious QR codes to bypass MFA, steal session tokens, and hijack cloud accounts.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYFJO9rj-4g9MZUaHNkJ-OnOQ8chRQD9P0NwEU6-yh-_9eaNTNRTPn6Pozv7uJCpBVtgdE_OVgnpXiAtk-LwWFCcOPom8RjmrK1k-AYKXcC5kb72v0RtI6QFsfSngAzpFPIc9NiMUiGK3_DNnuxVDw-XChMMhCw40cBaa4F988REweIBKWk8TQGRfmHJhG/s790-rw-e365/whatsapp-worm.jpg

The Hacker News

January 8, 2026

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

Astaroth banking malware is spreading in Brazil through WhatsApp messages, using ZIP files to steal contacts and banking credentials on Wind...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIuo2qB5l6db9QikPiuSfBft9oeKf1XAw3ncOyYjA2V34TZdm8KZKAARqUi9GffvgaVZGqlGFw9Ntj0t-sRzWuOL-OOngT2MeB1at04yfHwaT72o6QFRtnJkwczGdrv_F9snu9cBoNjn9hJ1XjbTdgNSJFIGXxzMbR34LELEqMXZ_s_jZS3oXSCnmS3GQY/s790-rw-e365/telecom-hack.jpg

The Hacker News

January 8, 2026

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

Cisco Talos reports China-linked UAT-7290 spying on telecoms since 2022 using Linux malware, edge exploits, and ORB infrastructure for acces...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYqkrQT2-0GXXeWkPsNM5dnxJyFwJ5MdeB5Gj_PWzNa168z1Gchyphenhyphenfx3tl6fCSBzjHnmPCD7IDR38mbY36lifKUwB0qBjtX5A8vbCn_fwvsAFZcExFwJi7w4Y6G_R_rZ7QzpZEDlNkfoP7w5gGFlN6nbate4XgsNXm9GUKHlkW_DJs9mlGd7wxNWWuvK0Lu/s790-rw-e365/threatsday.jpg

The Hacker News

January 8, 2026

ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

Weekly cybersecurity roundup covering exploited vulnerabilities, malware campaigns, legal actions, and nation-state attacks across cloud, AI...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZoKSxRFayxkvrH0IbQJcIVluEGBHP48Adp3NIQ48I_QbNUy3N91tDM6UFfvq-OrbLJkBz91GjwO9Qb_iEtDHgha1j6IYbWqtemdZ19MF0cdUrdtRfZDwf_3QT_gJk1BkqUdxer3wz80NZUw6-hHGdr_hA6LRwSo1zYxa4Q34tGLLCnxiv-xtnSAQYj58/s790-rw-e365/Chainguard.jpg

The Hacker News

January 8, 2026

The State of Trusted Open Source

Analysis shows most security risk sits in longtail open source images, with 98% of CVEs outside top projects & Critical flaws fixed in under...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjybuSkMzO3sPyC2aweCyQ7gBCiWeZ0MKZORj98gSkWfOtEBpzOFHt7hqNsdT1eqWpHyhQfiHHUw9U6sMvAI5Nj7JYfXd-BbxZYhV7AFPY6orjs-g0asPZceU4bBweF1odEupcmfSvxXx8Jsci1v8alq87jE0FJPaE6uYHy39KIBaoYd97VqDPQELznEpwJ/s790-rw-e365/cisco.jpg

The Hacker News

January 8, 2026

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco released updates for a medium-severity ISE and Snort 3 flaws, including CVE-2026-20029 with a public PoC, and reports no exploitation...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtexcKpvH8t1IN9Taxc25I-ykg1l98ahAsVYMYGLTw9Yy7W9ULsjlRNgMG0yUOpKRueTn5N36hOYSrgYP_-vZBuUYCzGgVleyQk0bZULbbIPYrfJxLPsZkJBQDjwooYWOllT3ifqBb5_T-JW6WywfZFvtKB2LQPySRO2kmhIfTQgxUSshZwyBNoC1J2nNv/s790-rw-e365/npm-malware.jpg

The Hacker News

January 8, 2026

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & tokens using Di...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiTPlT13VFHh6Gnrmg0ozwHRlYaVFKySt-BBjowr5Az7KwqG4PXVrH9n_1YTLZpuJHf02fu1TJBTeHKLnDJ3UTzhZR_8ldCYcHRoSoUaqhmj1vrBqDGn3StC_LYhVzLI5S-iFELOqLhnet3zlgB91h5KehCfvyoQ9IQc_MZt_bE-Y3SJ0fvVUAkLVqx6zw/s790-rw-e365/coolify.jpg

The Hacker News

January 8, 2026

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances | Read more hacking news on The Hacker News cyb...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiG4JjVzaUBhtnt0VrEKyVRib_UrgTLXJAKDFh5laNkMyFhaeJl8PqEHGpBEh34MW4YwNxIDbftlhHFHI56gxVW2RWWYnT9f9dlRpKsuWNFIqV4Xgn9xZegMmow-NFkNUPye8J0iT1nN1QikfsAuSbA2Qi3ZqPEdcEL6sFKl1cgRrxbhWB-Jm9XLAwwwtmy/s790-rw-e365/chatgpt-health.jpg

The Hacker News

January 8, 2026

OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls

OpenAI introduces ChatGPT Health, a separate, encrypted space for health chats with optional app data access, focused on privacy and support...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga4BuY0cfkZtUBEs_clNF6tMFR1KPmYrO-dUbtA75BQSRTRHiV294UlhyHIcAHpTJd9iQVHEF4oDBCal-yAZvcRPofh22MzIqcyEA-JA2C1syuAiWdspPmKG6f1Hrr_kOdcg0PLHh75t9x1-ubtcj_QhpA5g5nHkZEkG58dGFGBuzaZ0DJgVG6AWwjV2J8/s790-rw-e365/cisa.jpg

The Hacker News

January 8, 2026

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

CISA adds two vulnerabilities affecting Microsoft Office and HPE OneView to its KEV list, urging agencies to patch by January 28, 2026.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi9E2QJsYrvm3dqEopONz5kjVfdtq2x9G7xmpCyYyijQ9R0NbcGLLX4GJypIXBWFVLBIflmcF47QObTpLJxoqP-cE20PgR9v9Of_BhpD9tEVBkuF_RpiAufDanr3ClW-ivhdfr1oh7a8r2gO-N8m7M1Mv3ztVK6cjQD_ARlJKdDjBV30C7v9x4QMa4uolg/s790-rw-e365/cyberthreat.jpg

The Hacker News

January 7, 2026

Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Fileless attacks abuse trusted tools, scripts, and CI/CD pipelines, creating blind spots that file-based security can’t detect.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRmvh_VGQV3SHDgFZ8xqgyEkPWUl7nJQ9sCacu3z2jU7lgI8brolO60urOgFHXiKeiia-DbnqD68GCnaK7NvmOiAGHRAEMqIud07DMQtT-8Fz7T7YuQXztiCFKpjcga_4klOnWBbTMA3-O8blyLt_roer7z66yEQ_tFFR3XEZn42Y2tC7jLcFk6mLyH6FK/s790-rw-e365/n8n-flaw.jpg

The Hacker News

January 7, 2026

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain full server contro...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiafpcLSwwnkKivk1KL4R92i5R3wIeXrHe7OiXMYG6qyx9YZAxl74FH1pnaNUgjwJZ-XUHw4fCoDufnEbb9B_dMNH4qsjmDAe9afDJc_YpTi-vKpxcbnwVWtadtkoJL_Dtqg_piby9p9LULtjk3jrgZTYunG5D5_mQuAJQa1SHPHnP5zgGMOIPa7vg005c7/s790-rw-e365/n8n.jpg

The Hacker News

January 7, 2026

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

n8n disclosed CVE-2026-21877, a critical authenticated RCE flaw with CVSS 10.0, fixed in version 1.121.3 after affecting earlier releases.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYNBaEaqMpnYMFHKFEedrGcP4HSZ_2-sa5EjqnE0U1Hh_9-d2iu_UtCTxHavvjHYZq54fIa9Q3lyaXdHSH25-vn5kLz97muKX6Y8k8U4PG4Wer42axNEzxMsOeRq_1x4SUKvZCRQ4fBAmx7zWu2z2IkE5RTD8oW69YnKwn_K8AtXuC1eK2juaOVxg5QqeV/s790-rw-e365/veeam.jpg

The Hacker News

January 7, 2026

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam patched four Backup & Replication flaws, including CVE-2025-59470 (CVSS 9.0) enabling RCE; update to version 13.0.1.1071.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHZJ_x-tDf2JaX7jVZDlS1KTcw7PnwLR03qRgpIHRBtIvLNIybJd8Gw058LyQyjV73UUJy39rcTziPgH9B1cqkTeOMF5zn7GstRSXG-MV1kWEfbnsACIM7VDbodevFXrvnYQjZjQMmicjj16dM6nb1tUEhsoDSQ5UOFAGpaG3P0XCpR5s5nazAf9npmgge/s790-rw-e365/email-phishing.jpg

The Hacker News

January 7, 2026

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Attackers exploit misconfigured email routing and weak spoof protections to send internal-looking phishing emails for credential theft and s...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilyYADOHMjVaRNmtGaBfZPuBBjV_zLAAmQ5LxnNXcpM_sHfQYws0W0gowwIgUC9-LBYr-y4eb5HK1cyqC857lCqKz1M_EHugfrzmkAL2vW-0SoRCdJpYsbZv8fd6-5EK8awrdD7a4eCaTZTJB9BLLDdYZlKNZQJ4Pwp7aok-jQ793kB7ft_A5pIgtCqvuQ/s790-rw-e365/chrome.jpg

The Hacker News

January 6, 2026

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and browsing data.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlFgZ371OJLB7x0fK_3a34h710DpAHQLeyLQyaBpp1jhfsFyRD0-tmkLhXAvv0VD1XnU_WK8g5O16VUob1aHIyQf2smhkn6llIaC_H5_6MwogFRD11Hfp-w2kPc9vgiBUTlnftXM7VuCMsFmBPwxtyvAokqOJbgSAndESDU3qZV6-R9SH6meqbyuyoFk8n/s790-rw-e365/windows.jpg

The Hacker News

January 6, 2026

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

A new PHALT#BLYX campaign targets European hotels using fake Booking.com emails, ClickFix lures, PowerShell, and MSBuild to deploy DCRat mal...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh4kfbdw2kmRhvFRiWagiGm-NomgkxXOVp915lPhU1nQ5FwQq4P08SOOLN7uVSAoojBSuz_sAI7rcgwWvp53esgON2dDVqB7C9EhkxGd5dz6IsZJ-xMLegtI9mAbJBRsidXMjRX3TUBTtPl1iY7Jnh0KhPcJnRggbC8WFgr0w3Fm6zTfIjZYWKBrMZZHna/s790-rw-e365/flaw-n8n.jpg

The Hacker News

January 6, 2026

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to before 2.0.0, fi...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaeV0itvv125PlLqvGK97v34m6fdEcSIwgagUCSvL0Z2hcuBWhc-Va5zUjeF3_CgbFojPUcu-Sx2byaI00B67aw49WjKuTDH7zrW7f2Z3lbAt4HLkfA1-k2Vo2sGbrOO9XGCGGjCYQKfdCiUee_aL_UwgcFfxM2jZJxQQkFAtF9P2_raILtD7Orm01ixpE/s790-rw-e365/android-malware.jpg

The Hacker News

January 5, 2026

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

Kimwolf is an Android botnet that infected 2M+ devices via exposed ADB, using proxy networks to run DDoS attacks and sell residential bandwi...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpEUDAXLw6oaBwuDDWjb5LC1ARsZq2fg3GJ-qKhdAf-FchvPbjbdME9JLzX1Z2R8OKWYbYAg7BEVYf0LumhvXR0EFs2t8Okw9sXB4-aw-7orrIS93AuWlPnFGV5wfzCux97MCn8N2o7VXbeo5O5ph5m4hJHpunYmbw7Lvv16SnIlos6ZVjtboqT12lIqkk/s790-rw-e365/recaps.jpg

The Hacker News

January 5, 2026

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

First 2026 cyber recap covering IoT exploits, wallet breaches, malicious extensions, phishing, malware, and early AI abuse.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQHttkRWlhnoY7X21do0-v7c6Hj3XTm4hnSkq55zBHP-kg_1DZjmCGSM24vn3M8Q1AnbGCELSh5c96bdCdFv-Bk_Yp7dScb9Oc5s1aMUXYfD4o9XFgbiRMOshxPnecJRXCVV7xG3tkXnn2Zs864ycdmnLthzQ42zoZ2Kb86LFuwGfsi4030jzHIZ2L7NA/s728-rw-e365/bitdefender-main.jpg

The Hacker News

January 5, 2026

The Security Platform Is Dead. Long Live the Security Platform

Why security platforms rise as tool sprawl hits 45 tools per enterprise, consolidation grows, and mid-market teams seek simpler, prevention-...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFoSUYkZi1PnR7_XDnEwu_ZZaBhpLuCssykwEM8x8vGGWRH6fHkwyCqaMNWJ7DzZ5zi_fyabPUC8a8gszAcaSPncbhTOmmKZfZy8M-qTFjdU6Jlz87nV2oalablLAZENIsFU7MIleVfDgi_yYxqB1c3QpXlEyPW89xIwVmInLThmIrDdQosJR2iatZGhDr/s790-rw-e365/discord-malware.jpg

The Hacker News

January 5, 2026

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

VVS Stealer is a Python-based malware sold on Telegram that steals Discord tokens, browser data, and credentials using heavy code obfuscatio...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEt7jwmcrKnbVzQYemp-nW0OkJvUUvJgNTgkW4ttQzYUncL_JDzqArCi8ZNriBIOsBW7BK5XlVLPSPAuQLLR7emfIQnmQOnY6CI-zJSXZhGeMjtiEHphLnBh-ujMgP5W3j24nFrYGGegsM7Eyqo1o18KAFiEY26mrc9F8KkZpENJYPM4dANATvt_UKlPk/s728-rw-e365/adaptive-main.jpg

The Hacker News

January 5, 2026

Deepfake Job Hires: When Your Next Breach Starts With an Interview

Deepfake-driven hiring fraud is rising, with fake employees gaining access, stealing data, and evading detection across organizations.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaFyRmyuVgO_C0sj1T6dS6xOHtQzLfUUckXuj31BDmfIdvD6xMza5hxryu06NflKvAWIOrqiIl5qZRQRuiTXiRoGkzSSCmfffHmkoW6w1yu7wWkXbk3YnnPQojFwLfDhnCvmjU063dxagQoIPFtiyxLoBP-V36reDJ7__kmAZQ5UD4Ybva-cvjDryruo2W/s790-rw-e365/india.jpg

The Hacker News

January 2, 2026

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term persistence again...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOgqxWyZ5k1mEMGQ8sCbC-M19ff7_TVyt69pnktcYU9wNBJttxeAp9Cw3dzhrTdYwKNCYNPwOa_GV1OND0GP9cqYCLMO7A2vGJS14t32VoYAvv_R4NBlh1Jk7Cv8h3B_tp8uuHak1rB0vLwYycZHbpZc3KlWLQRXy5mg7Y_J7mC6zqepPwbuRNlArMGLE7/s790-rw-e365/main.jpg

The Hacker News

January 2, 2026

The ROI Problem in Attack Surface Management

Attack surface management ROI improves when ownership, exposure duration, and risky endpoints decline—not when asset counts rise.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYs3DrTLoxNKDEunQc4yjZyAmnuhSyJGccrpxhneZyB6iJ29zkbfcoDpsPZlJYL59ZNTX09BS4FmbV_Yv2WjkB-mptBp_vVyYa4PpPY5jk73XydEvhAdyS-oHdUzSmbCobA7Gnnf6Iogvs3YdR2yC0XkkCGzdz3e9PQ3qg5kaVRVmn3OKxLbfaT2b0SIld/s790-rw-e365/phishing-email.jpg

The Hacker News

January 2, 2026

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

Attackers misused Google Cloud Application Integration to send 9,394 phishing emails from Google domains, bypassing filters and stealing cre...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpopD3Sr47ByE_zUhbMp2X-Y6mYwjadauTKcWNbN0U0__mj7sWOxknQhTJ1O4n97vYFSsGrJ4NR1jA1GGpqNDWDqiZkBcJF9BXJ9GB6nkjqlizHrxSyd37gCO87MwUOcjLnCicQv5htud-3JzoTZeDO6qxHAtiFfbE4y7IK1QQnos0LYbrs4b3qZ2gq3Zk/s790-rw-e365/threatsday.jpg

The Hacker News

January 1, 2026

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging cyber threats.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQtdlV7ySzud6pktbmLsSyAnWoLz3a-ROUuyJ1mvoIfcbCrlQkb2dQJ9TqxDFk3dtTqO7H2XEFznwMmOoM2CEGaU41loeAh4MYXWm5L3rVdUCH4WyVZlp68Z-dTthmsTAcrS3l9LIDxrmEIYkMGDgVAQYtfXgVPes9kB2F_ilQxWd8qeK0JCJbo1JUmQ6d/s790-rw-e365/botnet.jpg

The Hacker News

January 1, 2026

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and malware worldw...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv_KQxQETJOGQo3bnCQJDl_q0JjioroSN5Jrh3NWhbSoQ0b5VbaBBfodYWplOfTNRyR-s08yD5yjWX0STJVTSjQIS-2iGk9fWae2WsFdFi7BgVVgBKMoeFc-5wSTHrmAV3XQ_201aIGRqiZROKfo0gzePyHDmBV3Y_SEMsJIx2id4Lc9Dg1oOb7VCvyXk/s790-rw-e365/Adapt-Browser-1.jpg

The Hacker News

January 1, 2026

How To Browse Faster and Get More Done Using Adapt Browser

Learn how a lightweight browser architecture can reduce overhead, improve performance, & help users browse faster while staying focused & pr...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMbGd5gZt4LivTf91n0rkIqb96QTFiXAPUGZIjWetmK58EeBHuQNFM6PQ1WHeNdTsg5GmtM9qWLoNz1jXn9S1t_zbP02pp62aPKYqruzZ81_fqujiRFvpj1MTxKP9VA6jeNk2Xw4Szx1UJ3ndXXEaV9-T9e0uFqieAuvHlmLRiU2RjTEkDf-Ft9YL6pyx-/s790-rw-e365/crypto.jpg

The Hacker News

December 31, 2025

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from 2,520 wallets.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3BlrabuZMmyZXh7mVD8BfgxW1K7DaJwh4FqMKyPBod0SCwsR2L24g7oYk4e4hJnScEHlg4HMWEZ2041ZzwMnbs9gEQ0bNcCIu38ZhNtum_YNF01PEJBOI-O_qd4wSLxmYvrAvlnLugMGX9uolGrhsRvWT5uYX1p2z8YgwbY6qdgmJZcp5yPn6RlAhIMe2/s790-rw-e365/browser.jpg

The Hacker News

December 31, 2025

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from Chrome, Edge, a...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_6aF_LtBQsxfp7ziJZ57TatgdnnjgWwDKQRdgCbPqj8o5Fk-wS94TV1LNcXqTTAr6sgpty7xjiZ58uFabTBr7az46u52ETTgROTfakpeYBSRAXMjrNkyWdCtJehPjCZGGFalG59NRL8VPfQbe-F9R8ZLmGQ0EBXw0bgh0XStROWKpyIio2-3MOK3qH1Z2/s790-rw-e365/ibm.jpg

The Hacker News

December 31, 2025

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now available.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLzpeFOZHp8C7GZ0cMe57PMU10zY3RqrxkvwgczNMI5wgXFupY9-FWJ9YcOxsXyp8CS2DeqAPdzbyWgRIORNHw07bTMNOSidgkAI7CHrQ58iw8E027cxPGaxNmpQYEooO2OyRlWRe96ebuX1wSLsqOB7doUZaKELDsTn-vh3ht6Ti2RN1VTnTfsTtu13gA/s790-rw-e365/npm.jpg

The Hacker News

December 31, 2025

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets and spread malwa...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV9iYApTtWG0KxgphidiTj5byahP3v542tKMm1cMrVGsc4_KDJKA41BBDM0BbaiusYU-zCVytBp99VDpal0qJpvdyWinLrCLitoGYeMQ4FI1Bb-kJppiAUPSBMeMFNRre-m0NZ-ZFSjCIiPbo2DVFBa7K8qJnsRAl7eZ37tAhVmKLb7B5YLUdyLJgJDE8S/s790-rw-e365/spy.jpg

The Hacker News

December 31, 2025

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

The U.S. Treasury has removed three individuals linked to Intellexa and Predator spyware from its sanctions list, without explaining the dec...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDGmYwQ8c2eXwEoxAV4oGX21DPSHEpPLFUcOpQPAs7kXyKyG-bd41diqFVSWAm_kERqHzynIxLke6Aj4JU9LxRVyC3CB-dsq3Rm4B8KHyNUd7y_5uQvl3rgizk8dmhwQLWDVuvGCTKH6c83Etx9Bwtvr_hvPhIq35iFNgRLLFCGON5cTSwj3KlYk5C25Fh/s790-rw-e365/mail.jpg

The Hacker News

December 30, 2025

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload; patch availab...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTjxYF8a3raCHDKDawUyyfucLX4__gbjxE1-iVkP7DWO6wmxAz_c8HjKmGT5LIc3owZvwIoEpNMFg7ahikG0vgK1ccyTXlw6bE8bFcDrXoyPzm9yfCDMJqbEIgwowlGFggrhjvinRXfk0A4NTtPqaGYazaABx6QUESPUcm2kuazYtNq01dWgPHpiadpySF/s790-rw-e365/email.jpg

The Hacker News

December 30, 2025

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote access trojan.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeQsyuyYxxOLBhyphenhyphenPUOI-UHGn8mxloyzn4GBFnuh7p3h7XUB7Z2K2kWdI2A-k0v5GKJqRANeUQ8NZknDo1M5zTdqyYyTC3vAKThq201gtemBUHiFq1GjWc1VrfMPKS7knIFoV7mO-l20SaKKVbHs-t86wVFDEqjUz-VQkVXOiB6hD5QlzLVWdQYml3tPww/s790-rw-e365/sans.jpg

The Hacker News

December 30, 2025

How to Integrate AI into Modern SOC Workflows

The 2025 SANS SOC Survey shows AI use is rising, but many SOCs lack integration, customization, and clear validation processes.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjecDtf2H25Vece2raxEXtqLjCcgahGUR7FG5NIKWeyx6uIvaFtMlBZUrxC3Yz7RKWiVsbXyllunwBYTBEHgct6q99xvKtNR3U9SvdxMOnfbiU4UN8UgO_CLq5yowN3ZwYvw0oI5Hv7K8A14kLHv4EJaLZzowPdhSNBCE86fJF8G30qcTYYmBWCY4mMSEoh/s790-rw-e365/rootkit.jpg

The Hacker News

December 30, 2025

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security tools.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrlyxi5CiR5jY-vAJtPcjpGz_L8q6_hbThbQ6ZRXd0HLNpNxG4_KNwle_7EXt_ecUGABpDmjxO2bLwLPfjUmWKfTwuP0Lh910lNr4TE6q2MAm44XQzS2k0b9RJTr1aA74Q_aNkz9frFFNZjlGuafhIChvMiOpQhzD7OfEpXZZhh_GRntRLqmRtmsdrW1NX/s790-rw-e365/recap.jpg

The Hacker News

December 29, 2025

⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

Weekly 2025 cyber recap: MongoBleed targets 87,000, Trust Wallet $7M loss, LastPass $35M theft, DNS poisoning, npm WhatsApp trap.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNiZRABqAp7GJHhqKTlxX3mAmNX9ySsz9docL7x7bhIaRThcg3I-nlQu1UaXaS6t8T2lQCRhw9xrLkB8neLx4H_a4cJtoOBkvRsUFg29lg6TsqSjCga61QB0xU4H72eeXjXvfRepZGXIpcLWVrcqNpu3_dCwaSbusP2AJc11PIkYmWmxrW5b_6SOlJPivt/s2600/mongodb-exploit.jpg

The Hacker News

December 29, 2025

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ vulnerable servers w...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbarqmk-H0SfVP8X3eR-wcY-UAzQs4vgDfk6mZCaOhgsKNAmf1pLBT_CfB6bMSHARl1UMwvkmd1SL9INOF4KyHSMr7eCO4lWF6745uHql2CwA4iWIGik-6yynnmPNOjdNi9FMXD6pCx3GIJ8T8em0Y6kvg-98a8AuatSM9Ql4zgApKEPOP1pySjfOrblmd/s790-rw-e365/npm-login.jpg

The Hacker News

December 29, 2025

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from targeted organizati...

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiomGjDLekFSBoR01Dq_fed3Ka4xlF2C7QEUPeyjySDg6tHRMKyjzilC9TfZYd4xTzwrsSAKhDZ8hpMGjiEZ-APKcq9cCLPtkHHWvaJeWXTNG5D63C3dDvJVd_8Ws6z8PdrwDpHxUOfgVC4xIs6OeUk1YLO6M8Zx9gXTmJy9oDl6hoJ-oCVQ52qt5cC-BiQ/s790-rw-e365/main.jpg

The Hacker News

December 29, 2025

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for AI-specific threats.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyT_32t0dBjwnGTamsqSrB1jdPxZFMFb_GMzemmxXBm3HbtqrnJNx4VqVUF8tMKdHStEwTAU-PLcOHDKsbHvF9SSVig_OGEnWFKl81BORRb5h34UUFitJuYJOF-Trvrq-nFm5m-AzFe_dQRWYJgCOTJvzVnSzXCRgEAshv0EHR35OKUxGHr3qYg-M1vQHV/s790-rw-e365/mongodb.jpg

The Hacker News

December 27, 2025

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib compression handlin...

Showing 50 results of 52 — Page 1