Category: Hacker News

Manual Processes Are Putting National Security at Risk

Manual Processes Are Putting National Security at Risk

February 25, 2026
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

February 25, 2026
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

February 25, 2026
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

February 25, 2026
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

February 24, 2026
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

February 24, 2026
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

February 24, 2026
Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

February 24, 2026
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

February 24, 2026
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

February 24, 2026
APT28 Targeted European Entities Using Webhook-Based Macro Malware

APT28 Targeted European Entities Using Webhook-Based Macro Malware

February 23, 2026
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

February 23, 2026
⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

February 23, 2026
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

February 23, 2026
How Exposed Endpoints Increase Risk Across LLM Infrastructure

How Exposed Endpoints Increase Risk Across LLM Infrastructure

February 23, 2026
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

February 23, 2026
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

February 21, 2026
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

February 21, 2026
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

February 21, 2026
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

February 21, 2026
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

February 20, 2026
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

February 20, 2026
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT

February 20, 2026
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

February 20, 2026
Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case

February 20, 2026
FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

February 20, 2026
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran

Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran

February 20, 2026
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

February 19, 2026
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

February 19, 2026
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown

February 19, 2026
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

February 19, 2026
From Exposure to Exploitation: How AI Collapses Your Response Window

From Exposure to Exploitation: How AI Collapses Your Response Window

February 19, 2026
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

February 19, 2026
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

February 19, 2026
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

February 18, 2026
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody

Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody

February 18, 2026
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

February 18, 2026
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability

Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability

February 18, 2026
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

February 18, 2026
3 Ways to Start Your Intelligent Workflow Program

3 Ways to Start Your Intelligent Workflow Program

February 18, 2026
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

February 18, 2026
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

February 18, 2026
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

February 17, 2026
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates

February 17, 2026
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

February 17, 2026
My Day Getting My Hands Dirty with an NDR System

My Day Getting My Hands Dirty with an NDR System

February 17, 2026
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

February 17, 2026
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

February 17, 2026
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta

Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta

February 17, 2026
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

February 16, 2026