Lucene search
+L

20903 matches found

The Hacker News
The Hacker News
added 2026/01/07 5:19 p.m.6 views

Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Security teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts, remote access,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/07 5:9 p.m.12 views

Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches

A cybercrime gang known as Black Cat has been attributed to a search engine optimization SEO poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report published by the National...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/07 1:48 p.m.19 views

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances. The vulnerability, tracked as CVE-2026-21858 CVSS scor...

10CVSS9.1AI score0.97875EPSS
Exploits42
The Hacker News
The Hacker News
added 2026/01/07 11:26 a.m.18 views

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution RCE. The vulnerability, which has been assigned the CVE identifier CVE-2026-21877 , is rated 10.0 on the CVSS scoring...

9.9CVSS7.8AI score0.97875EPSS
Exploits31
The Hacker News
The Hacker News
added 2026/01/07 11:0 a.m.9 views

The Future of Cybersecurity Includes Non-Human Employees

Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence AI and cloud automation, there is exponential growth in Non-Human Identities NHIs, including bots, AI agents, service accounts and automation...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/07 10:41 a.m.20 views

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a "critical" issue that could result in remote code execution RCE. The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0. "This vulnerability allows a Backup or Tape...

9.5AI score0.01487EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/01/07 9:42 a.m.12 views

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations' domains and distribute emails that appear as if they have been sent internally. "Threat actors have leveraged this vector to deliver a wide variety of...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/07 4:31 a.m.7 views

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 CVSS score: 9.3, concerns a case of command injection in the "dnscfg.cgi" endpoint that arises as a result of improper...

9.3CVSS9.1AI score0.00964EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 5:21 p.m.15 views

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers' control. The names of the extensions, which collectively have over 900,0...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 3:47 p.m.5 views

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

The CERT Coordination Center CERT/CC has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain full control of the device. The flaw, CVE-2025-65606 CVSS score: N/A, has been characterized as a flaw...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 12:13 p.m.10 views

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

--- Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALTBLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death BSoD errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campai...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 11:30 a.m.6 views

What is Identity Dark Matter?

The Invisible Half of the Identity Universe Identity used to live in one place - an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications. Each of these environments carries its own...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 11:25 a.m.19 views

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence AI-powered Microsoft Visual Studio Code VS Code forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 5:8 a.m.17 views

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host. The vulnerability, tracked as CVE-2025-68668 , is rated 9.9 on the CVSS scoring...

9.9CVSS8AI score0.97875EPSS
Exploits30
The Hacker News
The Hacker News
added 2026/01/06 3:30 a.m.8 views

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Users of the "@adonisjs/bodyparser" npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server. Tracked as CVE-2026-21440 CVSS...

9.2CVSS6.5AI score0.02058EPSS
Exploits5
The Hacker News
The Hacker News
added 2026/01/05 5:56 p.m.14 views

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering activities again...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/05 4:41 p.m.19 views

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/05 12:53 p.m.24 views

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week's stories...

10CVSS8.7AI score0.99562EPSS
Exploits389
The Hacker News
The Hacker News
added 2026/01/05 11:55 a.m.5 views

The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations 

Featuring: Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of architecture,...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/05 9:42 a.m.7 views

Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early. In a post shared on X last week, the 38-year-old announced his release, crediting U.S...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/05 7:48 a.m.13 views

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer also styled as VVS $tealer that's capable of harvesting Discord credentials and tokens. The stealer is said to have been on sale on Telegram as far back as April 2025, according to a repo...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/02 1:52 p.m.7 views

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan RAT that grants them persistent control over compromised hosts. "The campaign employs deceptive delivery techniques...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/02 11:30 a.m.7 views

The ROI Problem in Attack Surface Management

Attack Surface Management ASM tools promise reduced risk. What they usually deliver is more information. Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill up. There is visible activity and measurable output. But when leadership asks a simple question, "I...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/02 9:14 a.m.10 views

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate Google-generated messages by abusing Google Cloud's Application Integration service to distribute emails. The activity, Check Point said, takes advantage of the trust...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/01 3:52 p.m.10 views

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past twelve months taught defenders anything, it's that threat actors don't pause for holidays or resolutions. They just evolve faster. This week's round-up shows how subt...

9.8CVSS7.6AI score0.99988EPSS
Exploits10
The Hacker News
The Hacker News
added 2026/01/01 9:19 a.m.14 views

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things IoT devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed...

10CVSS8.1AI score0.99999EPSS
Exploits431
The Hacker News
The Hacker News
added 2026/01/01 5:47 a.m.8 views

How To Browse Faster and Get More Done Using Adapt Browser

As web browsers evolve into all-purpose platforms, performance and productivity often suffer. Feature overload, excessive background processes, and fragmented workflows can slow down browsing sessions and introduce unnecessary friction, especially for users who rely on the browser as a primary wo...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/31 4:29 p.m.11 views

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud aka Sha1-Hulud supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. "Our Developer GitHub...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/31 4:14 p.m.9 views

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox. The activity is assessed to be the work of...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/31 1:37 p.m.9 views

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication...

9.8CVSS6.7AI score0.08673EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/12/31 1:29 p.m.5 views

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last month. The npm package that embeds the novel Shai Hulud strain is "@vietmoney/react-big-calendar," which was uploade...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/31 5:17 a.m.6 views

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial spyware known as Predator, from the specially designated nationals list. The names of the individuals are as...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/30 4:28 p.m.21 views

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

The Cyber Security Agency of Singapore CSA has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2025-52691 , carries a CVSS score of 10.0. It relates...

10CVSS8AI score0.85457EPSS
Exploits15
The Hacker News
The Hacker News
added 2025/12/30 10:46 a.m.7 views

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware

The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT aka Winos 4.0. "This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/30 9:30 a.m.5 views

How to Integrate AI into Modern SOC Workflows

Artificial intelligence AI is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/30 8:35 a.m.7 views

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

The Chinese hacking group known as Mustang Panda aka HoneyMyte has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky,...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/29 1:38 p.m.32 views

⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

Last week's cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day behave in unexpected ways. Old flaws resurfaced. New ones were used almost immediately. A common theme ran through it all in 2025. Attackers moved...

9.9CVSS9.8AI score0.97875EPSS
Exploits87
The Hacker News
The Hacker News
added 2025/12/29 9:46 a.m.19 views

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 CVSS score: 8.7, which allows an unauthenticated attacker to...

8.7CVSS7.1AI score0.83007EPSS
Exploits39
The Hacker News
The Hacker News
added 2025/12/29 9:44 a.m.6 views

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft. The activity, which involved uploading 27 npm packages from six differen...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/29 6:34 a.m.9 views

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/27 7:52 a.m.15 views

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 CVSS score: 8.7, has been described as a case of improper handling of length parameter inconsistency, which arises whe...

8.7CVSS6.2AI score0.83007EPSS
Exploits39
The Hacker News
The Hacker News
added 2025/12/26 3:31 p.m.5 views

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that led to the loss of approximately $7 million. The issue, the multi‑chain, non‑custodial cryptocurrency wallet service said, impacts version 2.68. The...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/26 2:44 p.m.9 views

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

A China-linked advanced persistent threat APT group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System DNS requests to deliver its signature MgBot backdoor in attacks targeting victims in Türkiye, China, and India. The activity,...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/26 9:27 a.m.6 views

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model LLM responses through prompt injection. LangChain Core i.e., langchain-core is a core Python package that's part of the LangChain...

9.3CVSS7.8AI score0.1383EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/12/25 2:1 p.m.20 views

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

It's getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they're blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut "hacker stories" now looks more like a mirror of the...

9.8CVSS9.9AI score0.99945EPSS
Exploits36
The Hacker News
The Hacker News
added 2025/12/25 12:46 p.m.5 views

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs. The blockchain intelligence firm said...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/25 8:22 a.m.12 views

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is CVE-2020-12812 CVSS score: 5.2, an improper authentication vulnerability in SSL VPN in FortiOS that could allow a us...

9.8CVSS9.8AI score0.49344EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/12/25 8:7 a.m.7 views

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency CISA added a security flaw impacting Digiever DS-2105 Pro network video recorders NVRs to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 CVSS score: 8.8...

8.8CVSS8AI score0.96979EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/12/24 4:23 p.m.11 views

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that's delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple's Gatekeeper checks. "Unlike earlier MacSync Stealer variant...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/24 1:8 p.m.10 views

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity company said it blocked over...

6.6AI score
Exploits0
Total number of security vulnerabilities20903