Lucene search
K

20893 matches found

The Hacker News
The Hacker News
added 2026/06/10 2:44 p.m.12 views

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation. The list of vulnerabilities is as follows - CVE-2026-20245 CVSS score: 7.8 - An improper encoding...

8.8CVSS6.7AI score0.25323EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/06/10 10:27 a.m.24 views

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/10 9:38 a.m.24 views

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63...

9.8CVSS7.3AI score0.48438EPSS
Exploits5
The Hacker News
The Hacker News
added 2026/06/10 7:37 a.m.11 views

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety classifiers. Fable 5 goes to the public. Its twin, Claude Mythos 5, the...

8.8CVSS6.6AI score0.01915EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/06/10 7:2 a.m.36 views

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. "On June 5, 2026, ServiceNow applied a security update to hosted customer instances," the company revealed in an advisory that requires...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/10 5:22 a.m.119 views

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

The anonymous security researcher going by the name Chaotic Eclipse aka Nightmare-Eclipse has released a proof-of-concept PoC exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit...

7.8CVSS6.4AI score0.08371EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/06/10 5:8 a.m.14 views

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers Protobuf, that, if successfully exploited, could result in remote code execution RCE and denial-of-service DoS attacks. "In affected environments, a...

8.7CVSS6.7AI score0.0058EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 5:3 p.m.27 views

Meta to Use Off-Site Business Data for Feed and AI Personalization

Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence AI chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to ma...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 4:39 p.m.14 views

Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code

Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963 , the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution RCE o...

8.6AI score0.02042EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 4:34 p.m.17 views

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 12:26 p.m.22 views

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu aka Gamaredon and SHADOW-EARTH-066 aka...

8.8CVSS5.6AI score0.80906EPSS
Exploits35
The Hacker News
The Hacker News
added 2026/06/09 11:59 a.m.11 views

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without...

9.8CVSS6.4AI score0.95645EPSS
Exploits11
The Hacker News
The Hacker News
added 2026/06/09 11:58 a.m.31 views

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now

Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 CVSS score: 8.8, has been described as an out-of-bounds memory access in V8, Chrome's JavaScript and...

8.8CVSS6.2AI score0.01654EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 9:50 a.m.17 views

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST , needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the driv...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 9:13 a.m.16 views

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades , this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index PyPI registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 6:26 a.m.14 views

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 CVSS score: 8.7, is a command...

8.8CVSS7.2AI score0.80188EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/06/08 8:17 p.m.49 views

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nftables packet-filtering code and was patched upstream on February ...

7.8CVSS6AI score0.00344EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/06/08 5:8 p.m.13 views

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/08 2:17 p.m.24 views

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 CVSS score: 9.3, is a case of a logic flow weakne...

9.3CVSS5.8AI score0.70099EPSS
Exploits5
The Hacker News
The Hacker News
added 2026/06/08 1:19 p.m.12 views

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload

Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/08 1:18 p.m.41 views

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And...

8.4CVSS6.8AI score0.01714EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/06/08 11:53 a.m.21 views

The Hardest Fork

Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wrong, and that's RCE." They're novel combinations of a few dozen issues out of thousands of things...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/08 10:27 a.m.22 views

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET aka GRIMBOLT and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks...

10CVSS8.1AI score0.13131EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/06/08 7:39 a.m.22 views

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/08 6:8 a.m.18 views

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code VS Code will apply a two-hour delay before extensions for the integrated development environment IDE are updated automatically to a newer version in an attempt to tackle software supply chain threats. "When automatic updates are enabled, new version...

5.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/06 1:36 p.m.18 views

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/06 8:29 a.m.30 views

Free Apps Are Turning Smart TVs Into Web-Scraping Proxies for AI

A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how, with the user's consent, it can turn devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/06 8:14 a.m.14 views

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as...

7.5CVSS5.6AI score0.10659EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/06/06 7:28 a.m.23 views

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent. The same week, Google shipped Chrome 149 with patches for...

9.6CVSS5.9AI score0.0039EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/06/06 6:58 a.m.46 views

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/06 4:19 a.m.15 views

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited

Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245 , carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types - On-Prem Deployment Cisco SD-WA...

7.8CVSS6.7AI score0.25323EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/06/05 6:5 p.m.17 views

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 2:53 p.m.30 views

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin , according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 12:33 p.m.28 views

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 where "OP" stands for "opponent" that has been observed targeting Microsoft Internet Information Services IIS servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to hi...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 11:20 a.m.21 views

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 8:38 a.m.17 views

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 CVSS score: 9.8, a remote code execution...

9.8CVSS6.9AI score0.40992EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/06/05 7:1 a.m.19 views

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 5:34 a.m.28 views

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services AWS, Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified f...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 4:55 p.m.18 views

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw...

8.6CVSS6.2AI score0.41694EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/06/04 3:15 p.m.20 views

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 3:10 p.m.18 views

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that ...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 2:0 p.m.17 views

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better toys. AI starts breaking real systems...

8.6CVSS6.2AI score0.41694EPSS
Exploits3
The Hacker News
The Hacker News
added 2026/06/04 12:22 p.m.18 views

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 11:19 a.m.16 views

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 9:51 a.m.23 views

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System TDS and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework. "The sites are...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 9:33 a.m.16 views

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity. Symantec and Carbon Black...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 6:6 a.m.14 views

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

The U.S. Department of Justice DoJ on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies to combat cyber-enabled and cryptocurrency fraud targeting Americans. The "Disruption Week" operation began May 18, 2026, leading to the...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/03 7:11 p.m.23 views

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/03 5:58 p.m.18 views

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code VS Code that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones...

5.7AI score
Exploits0
Total number of security vulnerabilities20893