All News
The Hacker News
The Hacker News
March 4, 2026
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.
The Hacker News
March 4, 2026
New RFP Template for AI Usage Control and AI Governance
New RFP guide helps CISOs evaluate AI governance tools, focusing on interaction-level security and vendor accountability.
The Hacker News
March 4, 2026
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.
The Hacker News
March 4, 2026
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and Google Drive-based...
The Hacker News
March 4, 2026
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches released by Broa...
The Hacker News
March 3, 2026
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Fake IT support calls delivered Havoc C2, enabling credential theft, lateral movement, and ransomware prep across five organizations.
The Hacker News
March 3, 2026
Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
Tier 1 SOC analysts face overload and false positives; integrated threat intelligence and sandboxing reduce dwell time and improve detection...
The Hacker News
March 3, 2026
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
AI-powered CyberStrikeAI linked to 600 FortiGate breaches in 55 countries, with 21 IPs tied to China-based infrastructure.
The Hacker News
March 3, 2026
AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
70% of enterprises run AI agents, but weak IAM governance risks identity “dark matter” and cross-cloud exposure, survey finds.
The Hacker News
March 3, 2026
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 account...
The Hacker News
March 3, 2026
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft details OAuth redirect abuse used to deliver ZIP malware and EvilProxy links to government targets.
The Hacker News
March 3, 2026
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Google’s March 2026 Android update patches 129 vulnerabilities, including exploited Qualcomm flaw CVE-2026-21385 and critical RCE CVE-2026-0...
The Hacker News
March 3, 2026
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025–2026.
The Hacker News
March 2, 2026
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.
The Hacker News
March 2, 2026
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
Google is testing Merkle Tree Certificates in Chrome to enable quantum-resistant HTTPS, reduce TLS handshake data & launch a new root store...
The Hacker News
March 2, 2026
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
Weekly cybersecurity recap covering active exploits, AI abuse, exposed cloud assets, critical CVEs, and evolving threat trends.
The Hacker News
March 2, 2026
AI SOC Investigation Has Moved Beyond Triage: Two Cases That Show Where It Actually Matters
AI SOC platform ran 265 and 138 queries across up to 11 sources, exposing cloud compromise and TOAD phishing missed by standard detections.
The Hacker News
March 2, 2026
AI in Cybersecurity: Is It Worth the Effort for Lean Security Teams?
AI in cybersecurity can improve detection and response, but lean teams must weigh complexity, costs, and measurable outcomes carefully.
The Hacker News
March 2, 2026
How to Protect Your SaaS from Bot Attacks with SafeLine WAF
SafeLine self-hosted WAF blocks SaaS bot abuse with 99.45% accuracy, cutting fake sign-ups and stabilizing CPU usage.
The Hacker News
March 2, 2026
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
The Hacker News
March 2, 2026
Demystifying Key Exchange: From Classical Elliptic Curve Cryptography to a Post-Quantum Future
Hybrid ECDHE and ML-KEM key exchange counters quantum threats and harvest-now risks in TLS.
The Hacker News
March 2, 2026
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel de...
The Hacker News
February 28, 2026
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and crypto scams.
The Hacker News
February 28, 2026
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
The Hacker News
February 28, 2026
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Pentagon labels Anthropic a supply chain risk after dispute over mass surveillance and autonomous weapons use.
The Hacker News
February 27, 2026
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
The U.S. DoJ seized $61 million in Tether tied to pig butchering crypto investment scams, while Tether reports freezing $4.2 billion in illi...
The Hacker News
February 27, 2026
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.
The Hacker News
February 27, 2026
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the Rekoobe Linux backdoo...
The Hacker News
February 27, 2026
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for surveillance.
The Hacker News
February 27, 2026
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
The Hacker News
February 27, 2026
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
Meta sues global scam advertisers as reports show 30.99% of EU, UK ads linked to scams and 300M impressions in one month.
The Hacker News
February 26, 2026
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Researchers detail Aeternum C2 storing botnet commands on Polygon blockchain, while DSLRoot operates 300 residential proxy devices across U....
The Hacker News
February 26, 2026
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
Cisco Talos tracks UAT-10027 targeting U.S. education and healthcare with Dohdoor DoH-based backdoor and Cobalt Strike payload.
The Hacker News
February 26, 2026
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories
This week’s ThreatsDay Bulletin highlights emerging cyber threats, evolving attack tactics, and key security developments.
The Hacker News
February 26, 2026
Expert Recommends: Prepare for PQC Right Now
Quantum Computers won’t be available for another decade. Why worry about them now, then? A cryptography expert explains.
The Hacker News
February 26, 2026
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
Fake Next.js repos abuse VS Code and npm to run in-memory JavaScript C2; GitLab banned 131 accounts.
The Hacker News
February 26, 2026
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Malicious StripeApi.Net package on NuGet mimicked Stripe.net, logged 180,000 downloads, and stole Stripe API tokens before removal.
The Hacker News
February 26, 2026
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN is exploited since 2023 to gain admin access; CISA adds it to KEV and mandates urgent fixes...
The Hacker News
February 25, 2026
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google disrupts China-linked UNC2814 after 53 breaches in 42 countries using GRIDTIDE via Google Sheets API.
The Hacker News
February 25, 2026
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
The Hacker News
February 25, 2026
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
SLH pays $500–$1,000 per call to recruit women for vishing, targeting IT help desks and MFA resets to breach Azure and deploy ransomware.
The Hacker News
February 25, 2026
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
Execution-based triage cuts MTTR by 21 minutes, reduces escalations 30%, and exposes full attack chains in under 60 seconds.
The Hacker News
February 25, 2026
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 downloads before r...
The Hacker News
February 25, 2026
Manual Processes Are Putting National Security at Risk
CYBER360 report warns over half of national security groups rely on manual data transfers, exposing mission-critical vulnerabilities.
The Hacker News
February 25, 2026
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
Ex-L3Harris employee sentenced to 7 years for selling 8 zero-days to Russian broker; U.S. sanctions Operation Zero and associates.
The Hacker News
February 25, 2026
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
SolarWinds fixes four critical CVSS 9.1 vulnerabilities in Serv-U 15.5 that could allow root code execution with administrative privileges.
The Hacker News
February 25, 2026
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and 5.0.0–5.0.10.
The Hacker News
February 24, 2026
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risk...
The Hacker News
February 24, 2026
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Russia-linked UAC-0050 targeted a European financial institution using a spoofed Ukrainian domain to deploy RMS remote access malware.
The Hacker News
February 24, 2026
Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem
Identity risk escalates when control gaps, hygiene failures, impact, and intent align, forming toxic combinations that drive real breaches- 1
- 2
Showing 50 results of 55 — Page 1