All News
The Hacker News
The Hacker News
April 21, 2026
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
SystemBC C2 exposed 1,570+ victims tied to The Gentlemen since July 2025, revealing expanding ransomware scale.
The Hacker News
April 21, 2026
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
22 BRIDGE:BREAK flaws in Lantronix and Silex converters expose nearly 20,000 devices online, enabling takeover and data tampering.
The Hacker News
April 21, 2026
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
Ransomware negotiator pleads guilty to aiding BlackCat in 2023; leaked victim data enabled $1.2M extortion and $10M seizure.
The Hacker News
April 21, 2026
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Integrated threat intelligence reduces MTTR using data from 15,000 organizations and 600,000 analysts, limiting dwell time and business risk...
The Hacker News
April 21, 2026
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
Stolen credentials remain top breach vector as AI speeds phishing and testing, increasing ransomware and persistence risk.
The Hacker News
April 21, 2026
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
NGate abuses HandyPay in Brazil since Nov 2025, stealing NFC data and PINs to enable ATM fraud and unauthorized payments.
The Hacker News
April 21, 2026
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
The Hacker News
April 21, 2026
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
CISA adds 8 exploited vulnerabilities to KEV, sets April 23 and May 4, 2026 deadlines, driving urgent federal patching.
The Hacker News
April 21, 2026
Why Your Backups Might Not Save You When Ransomware Hits
Ransomware compromises backups by Day 10 targeting, causing missed RTO/RPO and failed recovery.
The Hacker News
April 20, 2026
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server compromise.
The Hacker News
April 20, 2026
⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.
The Hacker News
April 20, 2026
Why Most AI Deployments Stall After the Demo
AI projects stall when clean demos meet messy operations, latency, and governance gaps, limiting enterprise impact.
The Hacker News
April 20, 2026
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
MCP design flaw enables RCE across 7,000+ servers and 150M downloads, impacting AI SDKs and supply chains.
The Hacker News
April 20, 2026
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
ZionSiphon detected June 29, 2025 targets Israeli water OT systems, escalating geopolitical cyber risk.
The Hacker News
April 20, 2026
Why Threat Intelligence Is the Missing Link in CTEM Prioritization and Validation
96% struggle to validate exploitability in 2026 CTEM programs, with 42% SOC time wasted, slowing real threat response.
The Hacker News
April 20, 2026
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
A security incident at Vercel stemmed from a compromised third-party vendor, Context AI, which allowed unauthorized access to Google Workspa...
The Hacker News
April 18, 2026
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
$13.74M stolen from Grinex on April 15, 2026 after sanctions, disrupting Russia-linked evasion networks.
The Hacker News
April 18, 2026
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.
The Hacker News
April 17, 2026
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Three Defender zero-days exploited since April 10, 2026, enabling privilege escalation and DoS, forcing isolation of affected systems.
The Hacker News
April 17, 2026
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Google blocked 8.3B ads and suspended 24.9M accounts in 2025 as Android 17 tightened contact and location access, reducing fraud and abuse.
The Hacker News
April 17, 2026
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
NIST limits CVE enrichment after 263% surge since 2020, prioritizing KEV and federal software, shifting thousands to “Not Scheduled.”
The Hacker News
April 17, 2026
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
53 DDoS domains seized in Operation PowerOFF across 21 countries, exposing 3 million accounts and disrupting 75,000 users' attacks.
The Hacker News
April 17, 2026
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Apache ActiveMQ faces critical security threats as CVE-2026-34197 enters CISA's Known Exploited Vulnerabilities catalog. This remote code ex...
The Hacker News
April 16, 2026
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and persistence.
The Hacker News
April 16, 2026
ThreatsDay Bulletin: 17-Year-Old Excel RCE, Defender 0-Day, SonicWall Brute-Force and 15 More Stories
This week's biggest hacks, zero-days, supply chain attacks, crypto theft, ransomware hits, and critical patches — all in one place.
The Hacker News
April 16, 2026
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
Compromised service accounts caused 68% of 2024 cloud breaches, enabling 200-day dwell times and lateral movement across environments.
The Hacker News
April 16, 2026
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.
The Hacker News
April 16, 2026
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls.
The Hacker News
April 16, 2026
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
Taboola pixel redirected logged-in banking users to Temu in February 2026 audit, exposing GDPR and PCI DSS risks.
The Hacker News
April 16, 2026
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
CERT-UA reports UAC-0247 targeted clinics in March–April 2026, stealing browser and WhatsApp data, enabling lateral movement.
The Hacker News
April 15, 2026
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
n8n webhooks abused since October 2025, with phishing volume up 686%, enabling malware delivery and device tracking.
The Hacker News
April 15, 2026
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active exploitation.
The Hacker News
April 15, 2026
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Critical SAP, Adobe, Fortinet, and Microsoft flaws disclosed in April Patch Tuesday, enabling RCE and data theft risks.
The Hacker News
April 15, 2026
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
All CISOs use AI in 2026 survey, Pentera report shows, driving hybrid deterministic security validation models.
The Hacker News
April 15, 2026
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, 2026.
The Hacker News
April 15, 2026
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
GPT-5.4-Cyber launch expands defender access and helped fix 3,000+ vulnerabilities, strengthening proactive cybersecurity defenses.
The Hacker News
April 14, 2026
New PHP Composer Flaws Enable Arbitrary Command Execution
Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent updates.
The Hacker News
April 14, 2026
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google adds a Rust-based DNS parser to Pixel 10 modem firmware, reducing memory vulnerabilities and strengthening defenses against baseband...
The Hacker News
April 14, 2026
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Pushpaganda exploits Google Discover using AI-generated content, driving scams and ad fraud globally, prompting Google to deploy a security...
The Hacker News
April 14, 2026
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Mirax Android RAT spreads via Meta ads reaching 220,000 accounts, enabling proxy abuse and fraud operations.
The Hacker News
April 14, 2026
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
Critical risk surged nearly 400% as AI-driven development increased vulnerabilities across 250 organizations.
The Hacker News
April 14, 2026
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
108 Chrome extensions routed stolen Google and Telegram data to shared C2 infrastructure, impacting 20,000 users.
The Hacker News
April 14, 2026
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.
The Hacker News
April 14, 2026
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
CISA adds six exploited vulnerabilities, including Fortinet and Exchange flaws, requiring FCEB patching by April 27, 2026.
The Hacker News
April 13, 2026
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
JanelaRAT hits Latin American banks with 14,739 attacks in Brazil in 2025, enabling credential theft and financial espionage
The Hacker News
April 13, 2026
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
FBI dismantles W3LL phishing network targeting 17,000 victims; crackdown disrupts $20M fraud scheme.
The Hacker News
April 13, 2026
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to p...
The Hacker News
April 13, 2026
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
AI-driven attacks exploiting zero-days and 29-minute breakout times expose SOC investigation gaps, accelerating the shift to automated respo...
The Hacker News
April 13, 2026
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
APT37 spreads RokRAT via Facebook and trojanized PDFelement accounts created Nov 10, 2025, enabling espionage and data theft.
The Hacker News
April 13, 2026
Why Security Leaders Are Layering Email Defense on Top of Secure Email Gateways
Inbox remains the primary attack entry point, driving security leaders to add adaptive AI protection to strengthen cloud email defenses.- 1
- 2
Showing 50 results of 59 — Page 1