Lucene search
K

20902 matches found

The Hacker News
The Hacker News
added 2026/03/13 1:28 p.m.10 views

Investigating a New Click-Fix Variant

Disclaimer : This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of defense capabilities. It is based on independent research and observations of the current threat landscape available at the time of publication. The content...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/13 9:17 a.m.7 views

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as follows - CVE-2026-3909 CVSS score: 8.8 - An out-of-bounds write vulnerability in the Skia 2D graphi...

8.8CVSS6.7AI score0.2202EPSS
Exploits13
The Hacker News
The Hacker News
added 2026/03/13 8:18 a.m.4 views

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation

Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees. The nine confused deputy...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/13 5:26 a.m.6 views

Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. "SocksEscort infected home and small business internet routers with malware...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/13 4:15 a.m.9 views

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution. The vulnerabilities are as follows - CVE-2026-21666 CVSS score: 9.9 - A vulnerability that allows an...

9.9CVSS6.5AI score0.01329EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 5:31 p.m.10 views

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem. The malware, which is designed to...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 5:2 p.m.7 views

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

Cybersecurity researchers have disclosed details of a suspected artificial intelligence AI-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163. "Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 1:30 p.m.7 views

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals malicious behavior from traditional...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 1:14 p.m.8 views

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of “yeah… this is probably going to show up in real incidents sooner than we’d like.” The pattern this week...

9.4CVSS6.6AI score0.00338EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 11:30 a.m.6 views

Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecuri...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 9:58 a.m.10 views

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as part of the Coruna exploit kit. The vulnerability, tracked as CVE-2023-43010 , relates to an unspecified vulnerability in WebKit that could result in memory...

8.8CVSS7.7AI score0.51517EPSS
Exploits13
The Hacker News
The Hacker News
added 2026/03/12 7:56 a.m.6 views

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution , TaxiSpy RAT , BeatBanker , Mirax , an...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 5:18 a.m.10 views

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 CVSS score: 9.9, concerns a case of...

9.9CVSS6.3AI score0.97875EPSS
Exploits29
The Hacker News
The Hacker News
added 2026/03/11 4:38 p.m.9 views

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

Agentic web browsers that leverage artificial intelligence AI capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. The attack, at its core, takes advantage of AI browsers' tendency to...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/11 2:51 p.m.6 views

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below - CVE-2026-27577 CVSS score: 9.4 - Expression sandbox esca...

9.9CVSS6.8AI score0.1016EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/03/11 1:15 p.m.12 views

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/11 12:26 p.m.12 views

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed below - CVE-2019-17571 CVSS score: 9.8 - A code injection vulnerability in SAP Quotation Management...

9.8CVSS7.6AI score0.6906EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/03/11 11:30 a.m.7 views

What Boards Must Demand in the Age of AI-Automated Exploitation

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerability backlog as an uncomfortable but...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/11 9:15 a.m.8 views

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities...

9.8CVSS6.4AI score0.03178EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/03/11 7:31 a.m.6 views

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim's cloud environment within a span of 72 hours. The attack started with the theft of a developer's GitHub token, which the threat actor then use...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/11 5:12 a.m.7 views

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chronoanchor dnp3times timecalibrator timecalibrators time-sync The crates,...

10CVSS5.9AI score0.00453EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 4:21 p.m.8 views

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence AI is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" f...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 4:21 p.m.15 views

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall NGFW appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials...

9.8CVSS7.2AI score0.85844EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/03/10 4:0 p.m.22 views

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 1:20 p.m.6 views

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 11:0 a.m.13 views

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage ...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 10:55 a.m.5 views

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in a new report shar...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 7:17 a.m.9 views

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 6:17 a.m.11 views

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 CVSS score: 7.5 - A server-side request forgery...

9.8CVSS7.4AI score0.97713EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/03/09 6:31 p.m.8 views

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan RAT and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user named "openclaw-ai...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/09 2:50 p.m.10 views

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate confidence to the state-sponsored...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/09 1:46 p.m.30 views

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Another week in cybersecurity. Another week of "you've got to be kidding me." Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had a very bad Monday morning. That's kind of just how it goes now. The good news? There were some actual wins this week. Real...

10CVSS8AI score0.9987EPSS
Exploits514
The Hacker News
The Hacker News
added 2026/03/09 11:45 a.m.8 views

Can the Security Platform Finally Deliver for the Mid-Market?

Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partners are defining the security level you must meet. What if you could be the enabler for your...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/09 10:28 a.m.12 views

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data. The extensions in question, both originally associated with a developer...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/09 7:21 a.m.9 views

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors, has been...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/07 4:28 p.m.19 views

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI on Friday began rolling out Codex Security , an artificial intelligence AI-powered security agent that's designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a research preview to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex w...

9.8CVSS5.9AI score0.01745EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/03/07 11:21 a.m.13 views

Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model

Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in...

9.8CVSS5.8AI score0.00625EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/03/06 3:11 p.m.10 views

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence AI-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" that are developed...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 2:33 p.m.19 views

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan RATs payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOIDGEIST by...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 10:30 a.m.9 views

The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity

Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drives recurring...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 10:23 a.m.20 views

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to...

10CVSS7.2AI score0.99998EPSS
Exploits45
The Hacker News
The Hacker News
added 2026/03/06 8:22 a.m.13 views

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

A China-linked advanced persistent threat APT actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-924...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 6:44 a.m.16 views

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 6:30 a.m.9 views

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed bel...

10CVSS6AI score0.99998EPSS
Exploits13
The Hacker News
The Hacker News
added 2026/03/05 3:22 p.m.47 views

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager formerly SD-WAN vManage have come under active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2026-20122 CVSS score: 7.1 - An arbitrary file overwrite vulnerability that could all...

10CVSS7.9AI score0.57793EPSS
Exploits15
The Hacker News
The Hacker News
added 2026/03/05 3:22 p.m.13 views

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers. Thi...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/05 1:44 p.m.9 views

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/05 12:1 p.m.11 views

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/05 11:0 a.m.21 views

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Organizations typically roll out multi-factor authentication MFA and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/05 10:10 a.m.19 views

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, ...

6.3AI score
Exploits0
Total number of security vulnerabilities20902