Category: Hacker News

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

January 7, 2026
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

January 7, 2026
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

January 7, 2026
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

January 6, 2026
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

January 6, 2026
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

January 6, 2026
What is Identity Dark Matter?

What is Identity Dark Matter?

January 6, 2026
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

January 6, 2026
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

January 6, 2026
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

January 6, 2026
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

January 5, 2026
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

January 5, 2026
⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

January 5, 2026
The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations 

The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations 

January 5, 2026
Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

January 5, 2026
New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

January 5, 2026
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

January 2, 2026
The ROI Problem in Attack Surface Management

The ROI Problem in Attack Surface Management

January 2, 2026
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

January 2, 2026
How To Browse Faster and Get More Done Using Adapt Browser

How To Browse Faster and Get More Done Using Adapt Browser

January 1, 2026
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

January 1, 2026
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

January 1, 2026
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

December 31, 2025
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

December 31, 2025
Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

December 31, 2025
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

December 31, 2025
U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

December 31, 2025
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

December 30, 2025
Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

December 30, 2025
How to Integrate AI into Modern SOC Workflows

How to Integrate AI into Modern SOC Workflows

December 30, 2025
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

December 30, 2025
⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

December 29, 2025
27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

December 29, 2025
Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

December 29, 2025
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

December 29, 2025
New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

December 27, 2025
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

December 26, 2025
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

December 26, 2025
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

December 26, 2025
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

December 25, 2025
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

December 25, 2025
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

December 25, 2025
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

December 25, 2025
New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

December 24, 2025
Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

December 24, 2025
Attacks are Evolving: 3 Ways to Protect Your Business in 2026

Attacks are Evolving: 3 Ways to Protect Your Business in 2026

December 24, 2025
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

December 24, 2025
Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

December 24, 2025
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

December 23, 2025
Passwd: A walkthrough of the Google Workspace Password Manager

Passwd: A walkthrough of the Google Workspace Password Manager

December 23, 2025