Category: Hacker News

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

March 12, 2026
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

March 12, 2026
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

March 12, 2026
Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes

March 11, 2026
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

March 11, 2026
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

March 11, 2026
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

March 11, 2026
What Boards Must Demand in the Age of AI-Automated Exploitation

What Boards Must Demand in the Age of AI-Automated Exploitation

March 11, 2026
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

March 11, 2026
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

March 11, 2026
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

March 11, 2026
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

March 10, 2026
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

March 10, 2026
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

March 10, 2026
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

March 10, 2026
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

March 10, 2026
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

March 10, 2026
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

March 10, 2026
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

March 10, 2026
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

March 9, 2026
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

March 9, 2026
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

March 9, 2026
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

March 9, 2026
Can the Security Platform Finally Deliver for the Mid-Market?

Can the Security Platform Finally Deliver for the Mid-Market?

March 9, 2026
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

March 9, 2026
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

March 7, 2026
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

March 7, 2026
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

March 6, 2026
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

March 6, 2026
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

March 6, 2026
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

March 6, 2026
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

March 6, 2026
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

March 6, 2026
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

March 6, 2026
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

March 5, 2026
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

March 5, 2026
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

March 5, 2026
Where Multi-Factor Authentication Stops and Credential Abuse Starts

Where Multi-Factor Authentication Stops and Credential Abuse Starts

March 5, 2026
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

March 5, 2026
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

March 5, 2026
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials

FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials

March 5, 2026
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

March 5, 2026
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict

March 4, 2026
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

March 4, 2026
New RFP Template for AI Usage Control and AI Governance 

New RFP Template for AI Usage Control and AI Governance 

March 4, 2026
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

March 4, 2026
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

March 4, 2026
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

March 4, 2026
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

March 3, 2026
Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

March 3, 2026