Category: Hacker News

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

February 12, 2026
The CTEM Divide: Why 84% of Security Programs Are Falling Behind

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

February 12, 2026
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

February 12, 2026
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

February 12, 2026
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

February 12, 2026
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

February 11, 2026
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

February 11, 2026
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

February 11, 2026
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

February 11, 2026
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

February 11, 2026
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

February 11, 2026
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

February 10, 2026
From Ransomware to Residency: Inside the Rise of the Digital Parasite

From Ransomware to Residency: Inside the Rise of the Digital Parasite

February 10, 2026
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools

February 10, 2026
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

February 10, 2026
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

February 10, 2026
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

February 10, 2026
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

February 10, 2026
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign

February 9, 2026
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

February 9, 2026
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

February 9, 2026
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring

How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring

February 9, 2026
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

February 9, 2026
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

February 9, 2026
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

February 9, 2026
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

February 8, 2026
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

February 7, 2026
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

February 6, 2026
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

February 6, 2026
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

February 6, 2026
How Samsung Knox Helps Stop Your Network Security Breach

How Samsung Knox Helps Stop Your Network Security Breach

February 6, 2026
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

February 6, 2026
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

February 6, 2026
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

February 5, 2026
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

February 5, 2026
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

February 5, 2026
The Buyer’s Guide to AI Usage Control

The Buyer’s Guide to AI Usage Control

February 5, 2026
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

February 5, 2026
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

February 5, 2026
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

February 4, 2026
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

February 4, 2026
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

February 4, 2026
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

February 4, 2026
The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

February 4, 2026
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

February 4, 2026
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

February 4, 2026
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

February 4, 2026
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

February 3, 2026
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

February 3, 2026
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

February 3, 2026