Category: Hacker News

Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

January 17, 2026
OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans

OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans

January 17, 2026
GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

January 16, 2026
Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

January 16, 2026
Your Digital Footprint Can Lead Right to Your Front Door

Your Digital Footprint Can Lead Right to Your Front Door

January 16, 2026
LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

January 16, 2026
China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure

China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure

January 16, 2026
Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

January 16, 2026
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

January 15, 2026
Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

January 15, 2026
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

January 15, 2026
ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

January 15, 2026
Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

January 15, 2026
4 Outdated Habits Destroying Your SOC’s MTTR in 2026

4 Outdated Habits Destroying Your SOC’s MTTR in 2026

January 15, 2026
Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login

Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login

January 15, 2026
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

January 15, 2026
Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

January 14, 2026
AI Agents Are Becoming Privilege Escalation Paths

AI Agents Are Becoming Privilege Escalation Paths

January 14, 2026
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

January 14, 2026
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

January 14, 2026
Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

January 14, 2026
New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

January 14, 2026
Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

January 14, 2026
PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

January 14, 2026
Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

January 13, 2026
Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

January 13, 2026
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

January 13, 2026
What Should We Learn From How Attackers Leveraged AI in 2025?

What Should We Learn From How Attackers Leveraged AI in 2025?

January 13, 2026
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

January 13, 2026
New Advanced Linux VoidLink Malware Targets Cloud and container Environments

New Advanced Linux VoidLink Malware Targets Cloud and container Environments

January 13, 2026
New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

January 13, 2026
CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

January 13, 2026
n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

January 12, 2026
⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

January 12, 2026
GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

January 12, 2026
Anthropic Launches Claude AI for Healthcare with Secure Health Record Access

Anthropic Launches Claude AI for Healthcare with Secure Health Record Access

January 12, 2026
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

January 12, 2026
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

January 10, 2026
Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

January 10, 2026
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

January 9, 2026
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

January 9, 2026
Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

January 9, 2026
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

January 9, 2026
CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

January 9, 2026
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

January 9, 2026
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

January 8, 2026
China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

January 8, 2026
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

January 8, 2026
Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

January 8, 2026
Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

January 8, 2026