All News
The Hacker News
The Hacker News
May 19, 2026
The New Phishing Click: How OAuth Consent Bypasses MFA
OAuth consent is the phishing vector MFA misses—long-lived tokens and cross-app access bypass trusted identity controls.
The Hacker News
May 19, 2026
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
Drupal plans May 20 core security patches as exploits may follow within hours or days, requiring urgent site updates.
The Hacker News
May 19, 2026
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Seven SEPPMail Secure E-Mail Gateway flaws disclosed, including RCE, path traversal, authorization, deserialization, and eval injection flaw...
The Hacker News
May 19, 2026
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Nx Console 18.95.0 fetched a 498 KB stealer via GitHub orphan commit, exposing developer secrets and forcing credential rotation.
The Hacker News
May 19, 2026
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
GitHub Action tags point to malicious commits, exposing CI/CD credentials; 15 second-action tags also compromised.
The Hacker News
May 19, 2026
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.
The Hacker News
May 18, 2026
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
Operation Ramz led to 201 arrests across 13 MENA countries, disrupting phishing, malware, and fraud networks.
The Hacker News
May 18, 2026
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
This week’s top cyber threats, attacks, breaches, malware, and urgent security updates.
The Hacker News
May 18, 2026
How to Reduce Phishing Exposure Before It Turns into Business Disruption
Phishing links exposed in 40 seconds across U.S. sectors, helping SOCs cut MTTR by 21 minutes and triage 94% faster.
The Hacker News
May 18, 2026
Developer Workstations Are Now Part of the Software Supply Chain
3 campaigns hit npm, PyPI, and Docker Hub in 48 hours, exposing secrets from developer and CI/CD environments.
The Hacker News
May 18, 2026
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, SAP, VMware, and n8n fix 11 flaws, including 9.6 bugs, reducing RCE, auth bypass, and escalation risks.
The Hacker News
May 18, 2026
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
4 malicious npm packages with 3,006 downloads spread stealers and Phantom Bot, forcing removals and secret rotation.
The Hacker News
May 18, 2026
The Non-Human Identity Crisis: Why Your Machine Identities Are Your Biggest Governance Gap
NHIs outnumber users 45:1 as AI agents expand access, raising breach and compliance risk.
The Hacker News
May 18, 2026
7 Signs Your Organization Is Vulnerable to Business Email Compromise
BEC caused $3B in 2024 losses as trust-based email fraud bypasses filters, exposing finance teams to wire fraud.
The Hacker News
May 18, 2026
Agentic Attacks Arrived Over a Year Ago. Your Remediation Hasn't Caught Up.
Agentic attacks outpace manual defense; 0.87-hour MTTR shows validated remediation can cut healthcare exposure fast.
The Hacker News
May 18, 2026
Time-to-Revoke: The Metric CISOs Need in the AI Exploit Era
Exposed secrets stay valid for years as exploit timelines fall below one day, expanding breach reach and persistence.
The Hacker News
May 18, 2026
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
Fast16 corrupted nuclear simulations via 101 hook rules, targeting LS-DYNA and AUTODYN to sabotage weapons research.
The Hacker News
May 18, 2026
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
MiniPlasma revives a 2020 Windows cldflt.sys flaw, enabling SYSTEM access on May 2026 patched Windows 11 systems.
The Hacker News
May 17, 2026
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
CVE-2026-42945 is exploited after disclosure, impacting NGINX 0.6.27–1.30.0 and enabling crashes or RCE.
The Hacker News
May 17, 2026
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana disclosed an unauthorized party accessed its GitHub environment and downloaded its codebase via a token.
The Hacker News
May 16, 2026
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
Funnel Builder flaw hits 40,000+ stores; fake GTM skimmers steal checkout payment data before patch 3.15.0.3.
The Hacker News
May 15, 2026
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.
The Hacker News
May 15, 2026
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Claw Chain flaws in OpenClaw 2026.4.22 enable data theft, privilege escalation, and persistence when chained.
The Hacker News
May 15, 2026
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
Trusted-tool abuse hit 84% of 700,000 incidents, driving 45-day assessments that reduce attack surface by 30%+.
The Hacker News
May 15, 2026
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June 12, 2026.
The Hacker News
May 15, 2026
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
CVE-2026-42897 is exploited in on-prem Exchange; crafted emails enable spoofing, forcing urgent mitigation.
The Hacker News
May 15, 2026
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.
The Hacker News
May 14, 2026
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
The Hacker News
May 14, 2026
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Three node-ipc versions contain stealer/backdoor code, exposing developer and cloud secrets to exfiltration.
The Hacker News
May 14, 2026
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited flaws.
The Hacker News
May 14, 2026
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
The Hacker News
May 14, 2026
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
PraisonAI auth bypass exposed /agents after May 11 disclosure, enabling exploit checks within 3h44m.
The Hacker News
May 14, 2026
How AI Hallucinations Are Creating Real Security Risks
AI hallucinations are confident but false outputs that pose major security risks. Learn how they impact threat detection and how to mitigate...
The Hacker News
May 14, 2026
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
YellowKey bypasses BitLocker via WinRE USB FsTx files, exposing Windows 11 and Server 2022/2025 systems.
The Hacker News
May 14, 2026
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Fragnesia CVE-2026-46300 corrupts Linux page cache via XFRM ESP-in-TCP, enabling local root access on major distros.
The Hacker News
May 14, 2026
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
The Hacker News
May 13, 2026
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft’s new MDASH AI system found 16 Windows vulnerabilities fixed in this month’s Patch Tuesday, including 2 RCE flaws in IKEv2 and TCP...
The Hacker News
May 13, 2026
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
FamousSparrow reused ProxyNotShell from Dec 2025-Feb 2026, deploying Deed RAT and TernDoor to sustain energy-sector access.
The Hacker News
May 13, 2026
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
Learn AppSec secrets from industry veterans Mike McGuire (Wiz) and Salman Ladha (ex-Okta). Discover why your tools miss the real attack path...
The Hacker News
May 13, 2026
Most Remediation Programs Never Confirm the Fix Actually Worked
AI-driven exploitation outpaces 32-day edge remediation, leaving closed tickets with unresolved risk.
The Hacker News
May 13, 2026
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft patched 138 flaws, including 30 Critical bugs, as AI discovery expands Patch Tuesday risk.
The Hacker News
May 13, 2026
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
GemStuffer used 150+ RubyGems to scrape U.K. council portals, turning the registry into a data exfiltration channel.
The Hacker News
May 13, 2026
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Android Intrusion Logging stores encrypted forensic logs for 12 months, helping experts investigate spyware attacks on high-risk users.
The Hacker News
May 12, 2026
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim BDAT flaw affects 4.97–4.99.2 GnuTLS builds, causing heap corruption and possible code execution.
The Hacker News
May 12, 2026
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
RubyGems halted new registrations after a major attack involving hundreds of malicious packages, increasing supply chain risks.
The Hacker News
May 12, 2026
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
A new TrickMo Android banking trojan variant uses TON blockchain infrastructure for stealthy command-and-control communications.
The Hacker News
May 12, 2026
Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Critical SOC alerts go uninvestigated as static AI triage limits coverage, increasing enterprise breach risks.
The Hacker News
May 12, 2026
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm packages.
The Hacker News
May 12, 2026
Why Agentic AI Is Security's Next Blind Spot
Agentic AI expands enterprise attack surfaces through broad permissions and unreviewed deployments, increasing lateral movement risks.
The Hacker News
May 12, 2026
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Instructure paid a ransom after hackers stole 275 million Canvas records, reducing risks of wider extortion and leaks.- 1
- 2
Showing 50 results of 56 — Page 1