The Hacker News
- JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
- FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
- ⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
- Your MTTD Looks Great. Your Post-Alert Gap Doesn't
- North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
- OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
- Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
- GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
- Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
- Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
- Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
- UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
- ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
- The Hidden Security Risks of Shadow AI in Enterprises
- Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
- Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
- New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
- Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
- Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
- Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
- N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
- Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
- Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
- [Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
- Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
- Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
- The Hidden Cost of Recurring Credential Incidents
- New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
- China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
- Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
- Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
- DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
- Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
- ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
- How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
- Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
- BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
- $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
- 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
- Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
- China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
- Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
- UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
- Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
- New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
© 1997- hackerzinc
All rights reserved.