Category: Hacker News

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

May 8, 2026
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

May 8, 2026
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

May 7, 2026
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

May 7, 2026
One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

One Click, Total Shutdown: The “Patient Zero” Webinar on Killing Stealth Breaches

May 7, 2026
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

May 7, 2026
Day Zero Readiness: The Operational Gaps That Break Incident Response

Day Zero Readiness: The Operational Gaps That Break Incident Response

May 7, 2026
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories

ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories

May 7, 2026
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

May 7, 2026
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

May 7, 2026
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

May 6, 2026
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

May 6, 2026
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

May 6, 2026
The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open

The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open

May 6, 2026
Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

May 6, 2026
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

May 6, 2026
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

May 6, 2026
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

May 5, 2026
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

May 5, 2026
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

May 5, 2026
We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is

We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is

May 5, 2026
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

May 5, 2026
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

May 5, 2026
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

May 5, 2026
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

May 5, 2026
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

May 5, 2026
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

May 4, 2026
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

May 4, 2026
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

May 4, 2026
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

May 4, 2026
2026: The Year of AI-Assisted Attacks

2026: The Year of AI-Assisted Attacks

May 4, 2026
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

May 4, 2026
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

May 4, 2026
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

May 3, 2026
Trellix Confirms Source Code Breach With Unauthorized Repository Access

Trellix Confirms Source Code Breach With Unauthorized Repository Access

May 2, 2026
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

May 1, 2026
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

May 1, 2026
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

May 1, 2026
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

May 1, 2026
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue

Top Five Sales Challenges Costing MSPs Cybersecurity Revenue

May 1, 2026
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

May 1, 2026
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

April 30, 2026
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

April 30, 2026
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

April 30, 2026
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

April 30, 2026
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions

New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions

April 30, 2026
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

April 30, 2026
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

April 29, 2026
SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

April 29, 2026
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks

Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks

April 29, 2026