Category: Hacker News

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

January 8, 2026
The State of Trusted Open Source

The State of Trusted Open Source

January 8, 2026
OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls

OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls

January 8, 2026
CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

January 8, 2026
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches

Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches

January 7, 2026
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

January 7, 2026
The Future of Cybersecurity Includes Non-Human Employees

The Future of Cybersecurity Includes Non-Human Employees

January 7, 2026
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

January 7, 2026
Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

January 7, 2026
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

January 7, 2026
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

January 7, 2026
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

January 7, 2026
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

January 6, 2026
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

January 6, 2026
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

January 6, 2026
What is Identity Dark Matter?

What is Identity Dark Matter?

January 6, 2026
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

January 6, 2026
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

January 6, 2026
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

January 6, 2026
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

January 5, 2026
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

January 5, 2026
âš¡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

âš¡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

January 5, 2026
The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations 

The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations 

January 5, 2026
Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

January 5, 2026
New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

January 5, 2026
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

January 2, 2026
The ROI Problem in Attack Surface Management

The ROI Problem in Attack Surface Management

January 2, 2026
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

January 2, 2026
How To Browse Faster and Get More Done Using Adapt Browser

How To Browse Faster and Get More Done Using Adapt Browser

January 1, 2026
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

January 1, 2026
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

January 1, 2026
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

December 31, 2025
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

December 31, 2025
Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

December 31, 2025
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

December 31, 2025
U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

December 31, 2025
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

December 30, 2025
How to Integrate AI into Modern SOC Workflows

How to Integrate AI into Modern SOC Workflows

December 30, 2025
Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

December 30, 2025
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

December 30, 2025
âš¡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

âš¡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

December 29, 2025
27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

December 29, 2025
Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

December 29, 2025
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

December 29, 2025
New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

December 27, 2025
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

December 26, 2025
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

December 26, 2025
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

December 26, 2025
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

December 25, 2025
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

December 25, 2025