All News
The Hacker News
The Hacker News
February 13, 2026
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs
Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.
The Hacker News
February 13, 2026
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
State-backed hackers from China, Russia, Iran, and North Korea target defense contractors using espionage, malware, hiring scams, and edge e...
The Hacker News
February 13, 2026
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors
Cisco Talos links UAT-9921 to VoidLink, a modular Zig-based malware targeting Linux cloud systems with stealth plugins and C2 control.
The Hacker News
February 13, 2026
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History | Read more hacking news on The Hacker News cybersec...
The Hacker News
February 13, 2026
npm’s Update to Harden Their Supply Chain, and Points to Consider
npm’s token overhaul boosts security, but MFA bypass, phishing, and console access still enable supply-chain attacks.
The Hacker News
February 13, 2026
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.
The Hacker News
February 12, 2026
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Google finds nation-state hackers abusing Gemini AI for target profiling, phishing kits, malware staging, and model extraction attacks.
The Hacker News
February 12, 2026
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing mal...
The Hacker News
February 12, 2026
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
This week’s cybersecurity roundup covering emerging attacks, malware trends, infrastructure abuse, and evolving intrusion activity.
The Hacker News
February 12, 2026
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
Study of 128 enterprises shows CTEM adopters achieve 50% better attack surface visibility and stronger security outcomes amid rising breach...
The Hacker News
February 12, 2026
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
83% of Ivanti EPMM exploits traced to one IP as automated scans target governments and enterprises.
The Hacker News
February 12, 2026
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices
Apple releases security updates fixing exploited dyld zero-day CVE-2026-20700 enabling code execution across iOS, macOS, and Apple devices.
The Hacker News
February 11, 2026
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in a supply chain...
The Hacker News
February 11, 2026
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Li...
The Hacker News
February 11, 2026
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
Patch Tuesday delivers fixes for 59 Microsoft flaws, six exploited zero-days, plus critical SAP and Intel TDX vulnerabilities.
The Hacker News
February 11, 2026
Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Exposed training apps in cloud environments enable exploitation, lateral movement, and crypto-mining activity across enterprise infrastructu...
The Hacker News
February 11, 2026
Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
Microsoft patches 59 vulnerabilities, including six actively exploited zero-days, with CISA mandating urgent federal remediation.
The Hacker News
February 11, 2026
SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
The Hacker News
February 11, 2026
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
UNC1069 targets crypto firms via Telegram lures, fake Zoom meetings, and multi-stage malware to steal credentials, browser data, and funds.
The Hacker News
February 10, 2026
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
North Korean IT operatives use stolen LinkedIn accounts, fake hiring flows, and malware to secure remote jobs, steal data, and fund state pr...
The Hacker News
February 10, 2026
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Researchers uncover Reynolds ransomware embedding a vulnerable BYOVD driver to kill EDR defenses, signaling advanced evasion in ransomware a...
The Hacker News
February 10, 2026
From Ransomware to Residency: Inside the Rise of the Digital Parasite
Ransomware declines as stealth, credential theft, and persistence dominate modern cyberattacks, Picus Red Report 2026 finds.
The Hacker News
February 10, 2026
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
ZAST.AI raised $6M after uncovering hundreds of zero-days and 119 CVEs using AI-generated PoC validation.
The Hacker News
February 10, 2026
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
Warlock ransomware breached SmarterTools via unpatched SmarterMail, exploiting critical flaws to access Windows systems and deploy encryptio...
The Hacker News
February 10, 2026
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
Ivanti EPMM zero-day flaws enabled cyberattacks on Dutch, EU, and Finnish government systems, exposing employee contact and device data.
The Hacker News
February 10, 2026
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.
The Hacker News
February 9, 2026
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
UNC3886 targeted Singapore’s telecom operators via zero-day exploits, rootkits, and VMware systems; no customer data breach confirmed.
The Hacker News
February 9, 2026
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
The Hacker News
February 9, 2026
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must...
The Hacker News
February 9, 2026
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
Sandbox-first investigations and automated triage cut MTTR, reduce burnout, and triple SOC output without extra hiring.
The Hacker News
February 9, 2026
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple sectors.
The Hacker News
February 9, 2026
3 Questions to Ask Before Your Next SSE POC
SSE often proves architecture, not risk reduction; agentless session security adds in-browser controls for SaaS, GenAI, BYOD, and third part...
The Hacker News
February 9, 2026
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ranso...
The Hacker News
February 9, 2026
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.
The Hacker News
February 8, 2026
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed i...
The Hacker News
February 7, 2026
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Germany’s BSI and BfV warn of state-linked Signal phishing using fake support chats, PIN theft, and device linking to access sensitive accou...
The Hacker News
February 6, 2026
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
China-linked DKnife framework uses router-level AitM implants for traffic hijacking, credential theft, and malware delivery targeting edge d...
The Hacker News
February 6, 2026
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
CISA orders federal agencies to inventory, upgrade, and remove unsupported edge devices within 12–18 months to reduce cyber-espionage risk.
The Hacker News
February 6, 2026
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
Asian state-linked hackers breached 70 entities, used phishing, N-day exploits, and rootkits for global espionage.
The Hacker News
February 6, 2026
How Samsung Knox Helps Stop Your Network Security Breach
Discover how Samsung Knox enhances mobile network security with granular controls, Zero Trust principles & seamless integration for a safer...
The Hacker News
February 6, 2026
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
The Hacker News
February 6, 2026
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Anthropic’s Claude Opus 4.6 identified 500+ unknown high-severity flaws in open-source projects, advancing AI-driven vulnerability detection...
The Hacker News
February 5, 2026
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
AISURU/Kimwolf launched a record 31.4 Tbps DDoS attack as 2025 saw 47.1M incidents, rising botnet scale, and Android device abuse.
The Hacker News
February 5, 2026
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
ThreatsDay Bulletin: Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activ...
The Hacker News
February 5, 2026
The Buyer’s Guide to AI Usage Control
AI adoption is surging, but enterprises lack visibility—AI Usage Control enables real-time governance of interactions and risks.
The Hacker News
February 5, 2026
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Infy hackers revived operations post-Iran blackout, deploying Tornado malware, Telegram C2, and WinRAR exploits.
The Hacker News
February 5, 2026
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Critical n8n vulnerability CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
The Hacker News
February 5, 2026
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs, and governmen...
The Hacker News
February 4, 2026
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft develops a lightweight scanner that detects backdoors in open-weight LLMs using three behavioral signals, improving AI model secur...
The Hacker News
February 4, 2026