All News
The Hacker News
The Hacker News
June 6, 2026
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
OpenAI Lockdown Mode limits outbound ChatGPT requests to reduce prompt injection data exfiltration risk for eligible accounts.
The Hacker News
June 6, 2026
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
Bright Data SDK relays scraping via 150M+ consent-sourced IPs, bypassing VPNs and using up to 200GB/month bandwidth.
The Hacker News
June 6, 2026
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
CISA added CVE-2026-28318, a high-severity SolarWinds Serv-U DoS flaw, to its KEV catalog after evidence of active exploitation.
The Hacker News
June 6, 2026
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
AI found 21 FFmpeg zero-days, some 20 years old; Chrome 149 patched 429 bugs, including 100+ critical/high flaws.
The Hacker News
June 6, 2026
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.
The Hacker News
June 6, 2026
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited
Cisco Catalyst SD-WAN Manager vulnerability CVE-2026-20245 is under active exploitation and has a CVSS score of 7.8.
The Hacker News
June 5, 2026
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm variant.
The Hacker News
June 5, 2026
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Arabic-speaking users were targeted by Asin spyware via fake utility, war update, and government news sites.
The Hacker News
June 5, 2026
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
A newly identified China-linked threat cluster, OP-512, is targeting Microsoft IIS servers with a custom three-web-shell framework for espio...
The Hacker News
June 5, 2026
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Only 10% of SOCs report excellent AI value in 2026 as fragmented tools and weak governance limit real security outcomes.
The Hacker News
June 5, 2026
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting CVE-2026-3300, a critical RCE vulnerability (CVSS 9.8) in Everest Forms Pro WordPress plugin (4,000+ i...
The Hacker News
June 5, 2026
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Researchers and the FBI warn that fake FIFA domains, banking malware in streaming apps, and stolen logins are already hitting World Cup 2026...
The Hacker News
June 5, 2026
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable abuse.
The Hacker News
June 4, 2026
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco patched a Unified CM flaw allowing unauthenticated network attackers to write files and escalate to root.
The Hacker News
June 4, 2026
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and gain write access...
The Hacker News
June 4, 2026
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
June 2 AI order highlights classified deployment risks, requiring secure data, access, and networks to preserve mission trust.
The Hacker News
June 4, 2026
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is still held toge...
The Hacker News
June 4, 2026
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
TA4922 expanded targeting to organizations in the U.K., Germany, Italy, and South Africa while continuing campaigns against East Asia.
The Hacker News
June 4, 2026
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Operation FlutterBridge is a macOS malvertising campaign spreading FlutterShell, a Flutter-based backdoor with adware capabilities.
The Hacker News
June 4, 2026
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and deliver malware.
The Hacker News
June 4, 2026
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
Unknown attackers maintained at least five months of access to a senior global stock exchange executive’s Outlook mailbox.
The Hacker News
June 4, 2026
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
CISA added CVE-2026-45247, a CVSS 9.8 Mirasvit Cache Warmer flaw affecting Magento stores, to its KEV catalog after active exploitation.
The Hacker News
June 4, 2026
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
DoJ disrupted 1.4M accounts and froze $3.8M in crypto as scam losses hit $7.2B in 2025, weakening fraud networks.
The Hacker News
June 3, 2026
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
Poisoned Android notifications could hijack Google Gemini’s voice assistant without a malicious app.
The Hacker News
June 3, 2026
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
DoubleClick redirects hide DesckVB RAT malspam, using dynamic lures and .NET loaders to evade detection and control hosts.
The Hacker News
June 3, 2026
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
Debug flag disabled Microsoft 365 Android token checks, letting untrusted apps access accounts; patches issued May 12 to reduce risk
The Hacker News
June 3, 2026
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
Redis CVE-2026-23479 enables authenticated RCE; affecting versions since 7.2.0, patched May 5 to reduce exploitation risk.
The Hacker News
June 3, 2026
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
The Hacker News
June 3, 2026
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
46% of enterprise identity activity occurs outside IAM visibility; fragmented systems and AI agents increase risk and exposure.
The Hacker News
June 3, 2026
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Your critical systems aren't as isolated as your diagram says. Metasploit creator HD Moore on the hidden bridges that break segmentation. Fr...
The Hacker News
June 3, 2026
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Unpatched Windows search: URI flaw leaks NTLMv2 hashes via SMB requests; disclosed April 2026, enabling relay attacks.
The Hacker News
June 3, 2026
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote access.
The Hacker News
June 3, 2026
Detecting Phishing and Insider Threats Using Wazuh
Phishing-driven credential theft creates insider risks; Wazuh correlates security data to detect threats and speed response.
The Hacker News
June 2, 2026
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google patched 124 Android flaws in June 2026, including exploited CVE-2025-48595, reducing privilege-escalation risks.
The Hacker News
June 2, 2026
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
Gamaredon used GammaPhish and GammaWorm in a January 2026 espionage campaign, enabling stealthy persistence and data theft across Ukraine.
The Hacker News
June 2, 2026
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
CVE-2024-21182 entered CISA's KEV catalog after active exploitation evidence, requiring federal patching by June 4, 2026.
The Hacker News
June 2, 2026
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
AI shrinks exploitation windows to hours while median critical patching time rose to 43 days, increasing exposure risk.
The Hacker News
June 2, 2026
How Leading Organizations Are Turning EDR Into Operational Resilience
67% of organizations report more AI-powered attacks in 2025, driving demand for hardening and MDR to improve resilience.
The Hacker News
June 2, 2026
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
SideCopy targeted Afghanistan's Finance Ministry with Xeno RAT via Pashto phishing lures, enabling espionage and system compromise.
The Hacker News
June 2, 2026
Endpoint Detection & Response Is Now Table Stakes — Here’s What Comes Next
97.7% now use EDR as AI-driven threats bypass prevention, helping organizations improve cyber resilience and response readiness.
The Hacker News
June 2, 2026
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Brute-force attacks bypassed 2FA on some Dashlane accounts on May 31, 2026, enabling fewer than 20 encrypted vault downloads.
The Hacker News
June 1, 2026
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
Compromised npm packages targeted Red Hat cloud services, enabling credential theft and expanding supply chain risks.
The Hacker News
June 1, 2026
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories defenders need t...
The Hacker News
June 1, 2026
Why Fragmented Identity Pipelines Fail Against Digital Injections
Fragmented identity systems lose critical telemetry during API handoffs, enabling injection attacks and reducing fraud detection accuracy.
The Hacker News
June 1, 2026
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Operation Dragon Weave delivers AdaptixC2 via phishing; Azure-based AZUREVEIL enables covert control, impacting Czech and Taiwan targets.
The Hacker News
June 1, 2026
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
Why MSPs are moving beyond vCISO tools: the Security Growth Platform combine program management, CISO intelligence, and portfolio revenue an...
The Hacker News
June 1, 2026
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access.
The Hacker News
June 1, 2026
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
CVE-2026-8732 lets attackers create admin accounts in WP Maps Pro; 2,858 attacks hit vulnerable sites in 24 hours, risking takeover.
The Hacker News
May 31, 2026
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities dismantled a 17 million-device botnet backed by 200+ servers, disrupting infrastructure used for cybercrime.
The Hacker News
May 30, 2026