Category: Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

March 13, 2026
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

March 13, 2026
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

March 13, 2026
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

March 12, 2026
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

March 12, 2026
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

March 12, 2026
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

March 12, 2026
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

March 12, 2026
Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

March 12, 2026
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

March 12, 2026
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

March 12, 2026
Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

March 11, 2026
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

March 11, 2026
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

March 11, 2026
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

March 11, 2026
What Boards Must Demand in the Age of AI-Automated Exploitation

What Boards Must Demand in the Age of AI-Automated Exploitation

March 11, 2026
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

March 11, 2026
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

March 11, 2026
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

March 11, 2026
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

March 10, 2026
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

March 10, 2026
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

March 10, 2026
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

March 10, 2026
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

March 10, 2026
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

March 10, 2026
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

March 10, 2026
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

March 10, 2026
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

March 9, 2026
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

March 9, 2026
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

March 9, 2026
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

March 9, 2026
Can the Security Platform Finally Deliver for the Mid-Market?

Can the Security Platform Finally Deliver for the Mid-Market?

March 9, 2026
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

March 9, 2026
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

March 7, 2026
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

March 7, 2026
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

March 6, 2026
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

March 6, 2026
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

March 6, 2026
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

March 6, 2026
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

March 6, 2026
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

March 6, 2026
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

March 6, 2026
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

March 5, 2026
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

March 5, 2026
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

March 5, 2026
Where Multi-Factor Authentication Stops and Credential Abuse Starts

Where Multi-Factor Authentication Stops and Credential Abuse Starts

March 5, 2026
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

March 5, 2026
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

March 5, 2026
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials

FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials

March 5, 2026
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

March 5, 2026