https://thehackernews.com/2026/04/china-linked-ta416-targets-european.html2026-04-03T23:04:35+05:30The Hacker Newsen2026-04-03T23:04:00+05:30China-Linked TA416 Targets European Governments with PlugX and OAuth-Based PhishingCloud security, cyber espionage, cybersecurity, data security, Malware, Phishing, PlugX, Proofpoint, Threat Intelligencehttps://thehackernews.com/2026/04/microsoft-details-cookie-controlled-php.html2026-04-03T21:02:52+05:30The Hacker Newsen2026-04-03T21:02:00+05:30Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux ServersCron Job, cybersecurity, linux, Microsoft Defender, PHP, remote code execution, Server Hardening, Web Shellhttps://thehackernews.com/2026/04/unc1069-social-engineering-of-axios.html2026-04-03T22:52:57+05:30The Hacker Newsen2026-04-03T16:34:00+05:30UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain AttackCredential Theft, cybersecurity, JavaScript, Malware, North Korea, NPM, Open Source, social engineering, supply chain attack, Threat Intelligencehttps://thehackernews.com/2026/04/why-third-party-risk-is-biggest-gap-in.html2026-04-03T16:30:00+05:30The Hacker Newsen2026-04-03T16:30:00+05:30Why Third-Party Risk Is the Biggest Gap in Your Clients' Security PostureCompliance, Cyber Insurance, cybersecurity, data breach, Governance, Risk management, SaaS Security, Supply Chain Securityhttps://thehackernews.com/2026/04/new-sparkcat-variant-in-ios-android.html2026-04-03T14:40:29+05:30The Hacker Newsen2026-04-03T14:40:00+05:30New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase ImagesAndroid, cryptocurrency, cybersecurity, data theft, iOS, Kaspersky, Malware, mobile security, Threat Intelligencehttps://thehackernews.com/2026/04/drift-loses-285-million-in-durable.html2026-04-03T20:37:31+05:30The Hacker Newsen2026-04-03T14:05:00+05:30Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRKBlockchain, cryptocurrency, cybersecurity, data breach, North Korea, Smart Contract, social engineering, Threat Intelligence, Web3https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html2026-04-03T01:00:54+05:30The Hacker Newsen2026-04-03T01:00:00+05:30Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal CredentialsAmazon Web Services, Cisco Talos, Cloud security, cybersecurity, data breach, remote code execution, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html2026-04-03T13:15:07+05:30The Hacker Newsen2026-04-02T20:51:00+05:30Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromisecisco, cybersecurity, network security, privilege escalation, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/04/threatsday-bulletin-pre-auth-chains.html2026-04-02T20:37:11+05:30The Hacker Newsen2026-04-02T18:15:00+05:30ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Storiesartificial intelligence, Cloud security, Cybercrime, cybersecurity, Malware, Privacy, ransomware, Threatsday Bulletin, Vulnerabilityhttps://thehackernews.com/2026/04/researchers-uncover-mining-operation.html2026-04-02T17:12:05+05:30The Hacker Newsen2026-04-02T17:12:00+05:30Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto MinersCryptomining, cybersecurity, GitHub, Malware, Microsoft Defender, powershell, Remote Access Trojanhttps://thehackernews.com/2026/04/the-state-of-trusted-open-source-report.html2026-04-02T17:00:00+05:30The Hacker Newsen2026-04-02T17:00:00+05:30The State of Trusted Open Source Reportartificial intelligence, Compliance, Container Security, cybersecurity, DevSecOps, Open Source, Software Supply Chain, Vulnerabilityhttps://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html2026-04-02T15:21:00+05:30The Hacker Newsen2026-04-02T15:21:00+05:30WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Actioncybersecurity, data privacy, European Union, iOS, Malware, mobile security, spyware, surveillance, Whatsapphttps://thehackernews.com/2026/04/apple-expands-ios-1877-update-to-more.html2026-04-02T12:48:52+05:30The Hacker Newsen2026-04-02T12:39:00+05:30Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword ExploitApple, cybersecurity, Device Protection, exploit kit, iOS, iPadOS, mobile security, Vulnerability, web securityhttps://thehackernews.com/2026/04/cert-ua-impersonation-campaign-spread.html2026-04-01T21:40:19+05:30The Hacker Newsen2026-04-01T21:40:00+05:30CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emailsartificial intelligence, CERT-UA, cybersecurity, data breach, email security, Malware, Phishing, Remote Access Trojan, Ukrainehttps://thehackernews.com/2026/04/microsoft-warns-of-whatsapp-delivered.html2026-04-01T19:40:46+05:30The Hacker Newsen2026-04-01T19:40:00+05:30Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC BypassCloud security, cybersecurity, Malware, Microsoft, privilege escalation, social engineering, Whatsapp, windows securityhttps://thehackernews.com/2026/04/block-prompt-not-work-end-of-doctor-no.html2026-04-01T18:16:09+05:30The Hacker Newsen2026-04-01T18:16:00+05:30Block the Prompt, Not the Work: The End of "Doctor No"artificial intelligence, browser security, Compliance, cybersecurity, Data Loss Prevention, data protection, endpoint security, enterprise securityhttps://thehackernews.com/2026/04/casbaneiro-phishing-targets-latin.html2026-04-01T18:06:46+05:30The Hacker Newsen2026-04-01T18:06:00+05:30Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Luresbanking Trojan, Command and Control, cybersecurity, email security, Malware, Phishing, social engineering, windows securityhttps://thehackernews.com/2026/04/new-chrome-zero-day-cve-2026-5281-under.html2026-04-02T12:51:31+05:30The Hacker Newsen2026-04-01T17:12:00+05:30New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Releasedbrowser security, Chromium, cybersecurity, Google Chrome, remote code execution, Vulnerability, WebGPU, zero-dayhttps://thehackernews.com/2026/04/3-reasons-attackers-are-using-your.html2026-04-01T18:12:46+05:30The Hacker Newsen2026-04-01T16:28:00+05:303 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)artificial intelligence, Attack Surface Management, cybersecurity, endpoint security, Living off the Land, Malware, powershell, privilege escalation, threat detection, Windows 11https://thehackernews.com/2026/04/google-attributes-axios-npm-supply.html2026-04-03T15:55:08+05:30The Hacker Newsen2026-04-01T13:14:00+05:30Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069cryptocurrency, cybersecurity, Malware, North Korea, NPM, software security, supply chain attack, Threat Intelligencehttps://thehackernews.com/2026/04/claude-code-tleaked-via-npm-packaging.html2026-04-03T14:08:28+05:30The Hacker Newsen2026-04-01T11:42:00+05:30Claude Code Source Leaked via npm Packaging Error, Anthropic Confirmsartificial intelligence, cybersecurity, data breach, npm Registry, Open Source, software development, source code, supply chain attackhttps://thehackernews.com/2026/03/android-developer-verification-rollout.html2026-03-31T23:58:45+05:30The Hacker Newsen2026-03-31T23:58:00+05:30Android Developer Verification Rollout Begins Ahead of September EnforcementAndroid, Apple, Compliance, cybersecurity, data privacy, Google, mobile securityhttps://thehackernews.com/2026/03/trueconf-zero-day-exploited-in-attacks.html2026-04-03T00:50:49+05:30The Hacker Newsen2026-03-31T21:33:00+05:30TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networkscybersecurity, Malware, Patch Management, supply chain attack, Threat Intelligence, Video Conferencing, Vulnerability, zero-dayhttps://thehackernews.com/2026/03/vertex-ai-vulnerability-exposes-google.html2026-03-31T18:39:42+05:30The Hacker Newsen2026-03-31T18:39:00+05:30Vertex AI Vulnerability Exposes Google Cloud Data and Private ArtifactsAI Security, Artifact Registry, Cloud Infrastructure, Cloud security, cybersecurity, Google Cloud, Vertex AIhttps://thehackernews.com/2026/03/the-ai-arms-race-why-unified-exposure.html2026-03-31T18:48:15+05:30The Hacker Newsen2026-03-31T17:20:00+05:30The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priorityartificial intelligence, Cloud security, cybersecurity, Exposure management, Malware, Phishing, Red Teaming, Threat Intelligence, vulnerability managementhttps://thehackernews.com/2026/03/silver-fox-expands-asia-cyber-campaign.html2026-03-31T18:23:24+05:30The Hacker Newsen2026-03-31T17:16:00+05:30Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake DomainsCode Signing Certificate, Command and Control, cybersecurity, Domain Spoofing, encryption, Malware, Phishing, Remote Access Trojanhttps://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html2026-03-31T23:35:35+05:30The Hacker Newsen2026-03-31T11:38:00+05:30Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm AccountCI/CD Security, cybersecurity, JavaScript, Malware, NPM, Open Source, Remote Access Trojan, Software Integrity, supply chain attackhttps://thehackernews.com/2026/03/openai-patches-chatgpt-data.html2026-03-30T23:35:16+05:30The Hacker Newsen2026-03-30T23:35:00+05:30OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token VulnerabilityChatGPT, Codex, Command Injection, cybersecurity, DNS, enterprise security, GitHub, OpenAI, Vulnerabilityhttps://thehackernews.com/2026/03/deepload-malware-uses-clickfix-and-wmi.html2026-03-31T11:39:31+05:30The Hacker Newsen2026-03-30T21:17:00+05:30DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentialsbrowser security, cybersecurity, Malware, Phishing, powershell, ransomware, social engineering, Threat Intelligence, windows securityhttps://thehackernews.com/2026/03/weekly-recap-telecom-sleeper-cells-llm.html2026-03-31T23:35:22+05:30The Hacker Newsen2026-03-30T19:26:00+05:30⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and Moreartificial intelligence, browser security, Cloud security, cybersecurity, Cybersecurity Recap, Identity Security, Malware, network security, Phishing, Vulnerabilityhttps://thehackernews.com/2026/03/3-soc-process-fixes-that-unlock-tier-1.html2026-03-30T18:30:00+05:30The Hacker Newsen2026-03-30T18:30:00+05:303 SOC Process Fixes That Unlock Tier 1 ProductivityAutomation, Cloud security, cybersecurity, digital forensics, endpoint security, Incident response, Malware, Phishing, security operations center, Threat Analysishttps://thehackernews.com/2026/03/russian-ctrl-toolkit-delivered-via.html2026-03-30T20:09:52+05:30The Hacker Newsen2026-03-30T17:48:00+05:30Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnelscybersecurity, Endpoint Protection, Malware, network security, Phishing, ransomware, Remote Access Trojan, Threat Intelligence, windows securityhttps://thehackernews.com/2026/03/the-state-of-secrets-sprawl-2026-9.html2026-03-30T17:00:00+05:30The Hacker Newsen2026-03-30T17:00:00+05:30The State of Secrets Sprawl 2026: 9 Takeaways for CISOsartificial intelligence, Cloud security, cybersecurity, data breach, DevOps, Docker, GitHub, Gitlabhttps://thehackernews.com/2026/03/three-china-linked-clusters-target.html2026-03-30T12:30:30+05:30The Hacker Newsen2026-03-30T12:30:00+05:30Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber CampaignAdvanced Persistent Threat, china, cybersecurity, data theft, Malware, network intrusion, Remote Access Trojan, Threat Intelligencehttps://thehackernews.com/2026/03/iran-linked-hackers-breach-fbi.html2026-03-30T15:09:34+05:30The Hacker Newsen2026-03-28T21:10:00+05:30Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attackcritical infrastructure, cybersecurity, data breach, FBI, Hacktivism, Iran, Microsoft Intune, Phishing, supply chain attack, wiper malwarehttps://thehackernews.com/2026/03/citrix-netscaler-under-active-recon-for.html2026-03-31T11:39:03+05:30The Hacker Newsen2026-03-28T14:41:00+05:30Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread BugCitrix, cybersecurity, NetScaler, network security, SAML, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/ta446-deploys-leaked-darksword-ios.html2026-03-31T14:08:41+05:30The Hacker Newsen2026-03-28T12:37:00+05:30TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing CampaignApple, cybersecurity, email security, exploit kit, iOS, Malware, mobile security, Russia, Spear Phishinghttps://thehackernews.com/2026/03/cisa-adds-cve-2025-53521-to-kev-after.html2026-03-28T14:07:18+05:30The Hacker Newsen2026-03-28T12:37:00+05:30CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM ExploitationBIG-IP, CISA, cybersecurity, F5, network security, Patch Management, remote code execution, Vulnerability, Webshellhttps://thehackernews.com/2026/03/apple-sends-lock-screen-alerts-to.html2026-03-27T22:52:45+05:30The Hacker Newsen2026-03-27T22:52:00+05:30Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based ExploitsApple, cybersecurity, exploit kit, iOS, iPadOS, mobile security, spyware, zero dayhttps://thehackernews.com/2026/03/teampcp-pushes-malicious-telnyx.html2026-03-28T11:55:38+05:30The Hacker Newsen2026-03-27T22:23:00+05:30TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV FilesCI/CD Security, cybersecurity, Malware, Open Source, PyPI, Python, ransomware, Steganography, supply chain attackhttps://thehackernews.com/2026/03/open-vsx-bug-let-malicious-vs-code.html2026-03-27T19:27:52+05:30The Hacker Newsen2026-03-27T19:27:00+05:30Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security ChecksApplication Security, cybersecurity, DevSecOps, Open Source, software security, Supply Chain Security, Visual Studio, Vulnerabilityhttps://thehackernews.com/2026/03/aitm-phishing-targets-tiktok-business.html2026-03-27T17:33:04+05:30The Hacker Newsen2026-03-27T17:33:00+05:30AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile EvasionCloudFlare, cybersecurity, Infostealer, Malware, Phishing, ransomware, social engineering, TikTokhttps://thehackernews.com/2026/03/we-are-at-war.html2026-03-27T19:51:33+05:30The Hacker Newsen2026-03-27T16:30:00+05:30We Are At Warcritical infrastructure, cybersecurity, Hacktivism, Industrial Control Systems, Orange Cyberdefense, ransomware, Telecom, Threat Intelligencehttps://thehackernews.com/2026/03/bearlyfy-hits-70-russian-firms-with.html2026-03-27T17:18:11+05:30The Hacker Newsen2026-03-27T15:34:00+05:30Bearlyfy Hits Russian Firms with Custom GenieLocker RansomwareCyber Attack, cybersecurity, data encryption, Malware, ransomware, Threat Intelligence, Vulnerability, windows securityhttps://thehackernews.com/2026/03/langchain-langgraph-flaws-expose-files.html2026-03-27T13:37:37+05:30The Hacker Newsen2026-03-27T13:37:00+05:30LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI FrameworksApplication Security, artificial intelligence, Cloud security, cybersecurity, Open Source, sql injection, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/china-linked-red-menshen-uses-stealthy.html2026-04-03T20:36:26+05:30The Hacker Newsen2026-03-26T23:10:00+05:30China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom NetworksAdvanced Persistent Threat, cyber espionage, cybersecurity, linux, Malware, network security, Telecom, Threat Intelligencehttps://thehackernews.com/2026/03/webinar-stop-guessing-learn-to-validate.html2026-03-26T18:42:15+05:30The Hacker Newsen2026-03-26T18:42:00+05:30[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attackscybersecurity, Incident response, network security, Security Automation, Security Testing, SOC Operations, Threat Intelligencehttps://thehackernews.com/2026/03/claude-extension-flaw-enabled-zero.html2026-03-26T21:09:02+05:30The Hacker Newsen2026-03-26T18:41:00+05:30Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Websiteartificial intelligence, browser security, cybersecurity, Vulnerability, web security, xsshttps://thehackernews.com/2026/03/masters-of-imitation-how-hackers-and.html2026-03-26T17:28:00+05:30The Hacker Newsen2026-03-26T17:28:00+05:30Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deceptionartificial intelligence, Cloud security, cybersecurity, Identity Security, Malware, network security, Phishing, ransomware, threat detectionhttps://thehackernews.com/2026/03/threatsday-bulletin-pqc-push-ai-vuln.html2026-03-26T22:43:27+05:30The Hacker Newsen2026-03-26T17:15:00+05:30ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Storiesartificial intelligence, Cloud security, Cybercrime, cybersecurity, Malware, Privacy, ransomware, Threatsday Bulletin, Vulnerabilityhttps://thehackernews.com/2026/03/coruna-ios-kit-reuses-2023.html2026-04-02T12:51:14+05:30The Hacker Newsen2026-03-26T16:37:00+05:30Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass AttacksApple, cybersecurity, exploit kit, iOS, Malware, mobile security, Nation-State Attack, Threat Intelligence, Vulnerability, zero-dayhttps://thehackernews.com/2026/03/webrtc-skimmer-bypasses-csp-to-steal.html2026-03-26T21:09:41+05:30The Hacker Newsen2026-03-26T12:23:00+05:30WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce SitesAdobe Commerce, cybersecurity, Magento, Malware, Threat Intelligence, Vulnerability, web security, WebRTChttps://thehackernews.com/2026/03/leakbase-admin-arrested-in-russia-over.html2026-03-26T12:29:40+05:30The Hacker Newsen2026-03-25T23:05:00+05:30LeakBase Admin Arrested in Russia Over Massive Stolen Credential MarketplaceCybercrime, cybersecurity, dark web, data breach, digital forensics, identity theft, law enforcement, Threat Intelligencehttps://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html2026-03-25T22:12:51+05:30The Hacker Newsen2026-03-25T19:56:00+05:30GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Databrowser security, cryptocurrency, cybersecurity, data theft, Malware, Remote Access Trojan, supply chain attack, Threat Intelligencehttps://thehackernews.com/2026/03/the-kill-chain-is-obsolete-when-your-ai.html2026-03-25T17:28:00+05:30The Hacker Newsen2026-03-25T17:28:00+05:30The Kill Chain Is Obsolete When Your AI Agent Is the Threatartificial intelligence, Cloud security, cybersecurity, data breach, SaaS Security, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/russian-hacker-sentenced-to-2-years-for.html2026-03-25T22:14:12+05:30The Hacker Newsen2026-03-25T17:22:00+05:30Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacksbotnet, Cybercrime, cybersecurity, data breach, FBI, law enforcement, Malware, Phishing, ransomware, Threat Intelligencehttps://thehackernews.com/2026/03/device-code-phishing-hits-340-microsoft.html2026-03-31T18:22:53+05:30The Hacker Newsen2026-03-25T17:04:00+05:30Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth AbuseCloudFlare, cybersecurity, email security, Identity Security, Malware, Microsoft 365, OAuth, Phishing, Threat Intelligencehttps://thehackernews.com/2026/03/fcc-bans-new-foreign-made-routers-over.html2026-03-25T12:41:22+05:30The Hacker Newsen2026-03-25T12:41:00+05:30FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concernsbotnet, critical infrastructure, cyber espionage, cybersecurity, data protection, FCC, Malware, national security, network securityhttps://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html2026-03-25T12:13:24+05:30The Hacker Newsen2026-03-24T23:51:00+05:30TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD CompromiseCI/CD Security, Cloud security, cybersecurity, Kubernetes, Malware, Open Source, Python, supply chain attackhttps://thehackernews.com/2026/03/tax-search-ads-deliver-screenconnect.html2026-03-24T22:35:58+05:30The Hacker Newsen2026-03-24T22:35:00+05:30Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDRcybersecurity, endpoint security, Google Ads, Malware, network security, ransomware, social engineering, Threat Intelligence, windows securityhttps://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html2026-03-24T22:06:45+05:30The Hacker Newsen2026-03-24T22:06:05+05:305 Learnings from the First-Ever Gartner Market Guide for Guardian Agentsartificial intelligence, Cloud security, Compliance, cybersecurity, Data Governance, enterprise security, Identity Management, Threat Intelligencehttps://thehackernews.com/2026/03/hackers-use-fake-resumes-to-steal.html2026-03-25T00:39:59+05:30The Hacker Newsen2026-03-24T22:05:00+05:30Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto MinerCredential Theft, cryptocurrency, cybersecurity, endpoint security, enterprise security, Malware, Phishing, Threat Intelligence, VBScripthttps://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html2026-03-24T22:07:13+05:30The Hacker Newsen2026-03-24T17:31:00+05:30The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skillsbusiness security, Cloud security, cybersecurity, Incident response, network security, Security Operations, threat detectionhttps://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html2026-03-25T12:31:02+05:30The Hacker Newsen2026-03-24T17:30:00+05:30Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and CredentialsCredential Theft, Cryptocurrency Theft, cybersecurity, GitHub, MacOS, Malware, node.js, NPM, Remote Access Trojan, supply chain attackhttps://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html2026-03-25T12:04:07+05:30The Hacker Newsen2026-03-24T16:08:00+05:30TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI CredentialsCI/CD Security, Cloud security, cybersecurity, DevSecOps, GitHub, Kubernetes, Malware, supply chain attack, Vulnerabilityhttps://thehackernews.com/2026/03/us-sentences-russian-hacker-to-675.html2026-03-25T14:19:52+05:30The Hacker Newsen2026-03-24T12:19:00+05:30U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damagecryptocurrency, Cybercrime, cybersecurity, data breach, identity theft, law enforcement, Malware, network security, ransomwarehttps://thehackernews.com/2026/03/citrix-urges-patching-critical.html2026-03-24T11:29:39+05:30The Hacker Newsen2026-03-24T11:29:00+05:30Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data LeaksCitrix, cybersecurity, Data Leakage, enterprise security, NetScaler, network security, Vulnerabilityhttps://thehackernews.com/2026/03/north-korean-hackers-abuse-vs-code-auto.html2026-03-25T12:05:49+05:30The Hacker Newsen2026-03-23T23:39:00+05:30North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malwarecybersecurity, GitHub, Malware, node.js, Open Source, social engineering, Software Supply Chain, Threat Intelligence, Visual Studio Codehttps://thehackernews.com/2026/03/weekly-recap-cicd-backdoor-fbi-buys.html2026-03-26T21:08:33+05:30The Hacker Newsen2026-03-23T18:44:00+05:30⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & Moreartificial intelligence, browser security, Cloud security, cybersecurity, Cybersecurity Recap, Identity Security, Malware, network security, Phishing, Vulnerabilityhttps://thehackernews.com/2026/03/we-found-eight-attack-vectors-inside.html2026-03-23T17:25:00+05:30The Hacker Newsen2026-03-23T17:25:00+05:30We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with ThemApplication Security, artificial intelligence, AWS, Cloud security, cybersecurity, data breach, Malware, SaaS Securityhttps://thehackernews.com/2026/03/microsoft-warns-irs-phishing-hits-29000.html2026-03-24T09:47:16+05:30The Hacker Newsen2026-03-23T16:25:00+05:30Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM MalwareCloud security, cybersecurity, email security, Identity Security, Malware, Microsoft, Phishing, Threat Intelligencehttps://thehackernews.com/2026/03/trivy-hack-spreads-infostealer-via.html2026-03-25T20:02:59+05:30The Hacker Newsen2026-03-23T14:01:00+05:30Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes WiperCloud security, cybersecurity, data breach, DevOps, Docker, GitHub, Kubernetes, Malware, Open Source, supply chain attackhttps://thehackernews.com/2026/03/hackers-exploit-cve-2025-32975-cvss-100.html2026-03-23T11:45:55+05:30The Hacker Newsen2026-03-23T11:45:00+05:30Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systemscybersecurity, endpoint security, Malware, network security, remote code execution, Threat Intelligence, Vulnerability, windows securityhttps://thehackernews.com/2026/03/fbi-warns-russian-hackers-target-signal.html2026-03-23T11:10:41+05:30The Hacker Newsen2026-03-21T18:47:00+05:30FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attackscyber espionage, cybersecurity, data security, Phishing, Signal, social engineering, Threat Intelligence, Whatsapphttps://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html2026-03-21T15:54:59+05:30The Hacker Newsen2026-03-21T15:54:00+05:30Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Managercybersecurity, enterprise security, Identity Management, network security, oracle, Patch Management, remote code execution, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html2026-03-23T13:23:47+05:30The Hacker Newsen2026-03-21T13:55:00+05:30Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm PackagesBlockchain, cybersecurity, DevOps Security, Malware, NPM, Open Source Security, Python, supply chain attack, Threat Intelligencehttps://thehackernews.com/2026/03/cisa-flags-apple-craft-cms-laravel-bugs.html2026-03-21T13:55:27+05:30The Hacker Newsen2026-03-21T13:55:00+05:30CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026Apple, Craft CMS, cyber espionage, cybersecurity, data security, Laravel, Malware, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html2026-03-24T12:01:23+05:30The Hacker Newsen2026-03-20T23:17:00+05:30Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD SecretsCI/CD, Cloud security, cybersecurity, data exfiltration, DevSecOps, GitHub, Malware, Open Source, supply chain attack, Vulnerabilityhttps://thehackernews.com/2026/03/critical-langflow-flaw-cve-2026-33017.html2026-03-26T11:56:42+05:30The Hacker Newsen2026-03-20T20:45:00+05:30Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosureartificial intelligence, Cloud security, cybersecurity, Open Source, remote code execution, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/google-adds-24-hour-wait-for-unverified.html2026-03-20T16:27:01+05:30The Hacker Newsen2026-03-20T16:27:00+05:30Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and ScamsAndroid, cybersecurity, data privacy, Google, Malware, mobile security, Threat Intelligencehttps://thehackernews.com/2026/03/the-importance-of-behavioral-analytics.html2026-03-20T15:30:00+05:30The Hacker Newsen2026-03-20T15:30:00+05:30The Importance of Behavioral Analytics in AI-Enabled Cyber Attacksartificial intelligence, Cloud security, cybersecurity, data protection, Identity Security, insider threat, Malware, Phishing, Zero Trusthttps://thehackernews.com/2026/03/magento-polyshell-flaw-enables.html2026-03-26T11:56:04+05:30The Hacker Newsen2026-03-20T15:00:00+05:30Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account TakeoverAdobe Commerce, API Security, cybersecurity, Magento, Malware, remote code execution, Vulnerability, web security, xsshttps://thehackernews.com/2026/03/doj-disrupts-3-million-device-iot.html2026-03-20T21:40:38+05:30The Hacker Newsen2026-03-20T11:55:00+05:30DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS AttacksAkamai, botnet, CloudFlare, Cybercrime, cybersecurity, ddos, iot security, law enforcement, Malware, network securityhttps://thehackernews.com/2026/03/apple-warns-older-iphones-vulnerable-to.html2026-03-20T15:52:02+05:30The Hacker Newsen2026-03-20T10:46:00+05:30Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit AttacksApple, cybersecurity, iOS, Malware, mobile securityhttps://thehackernews.com/2026/03/speagle-malware-hijacks-cobra-docguard.html2026-03-20T00:46:31+05:30The Hacker Newsen2026-03-20T00:46:00+05:30Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Serverscyber espionage, cybersecurity, encryption, endpoint security, Malware, supply chain attack, Threat Intelligencehttps://thehackernews.com/2026/03/54-edr-killers-use-byovd-to-exploit-34.html2026-03-20T10:06:10+05:30The Hacker Newsen2026-03-20T00:22:00+05:3054 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Securitycybersecurity, endpoint security, Malware, ransomware, threat detection, Threat Intelligence, vulnerability management, windows securityhttps://thehackernews.com/2026/03/threatsday-bulletin-fortigate-raas.html2026-03-19T19:55:20+05:30The Hacker Newsen2026-03-19T19:55:00+05:30ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & Moreartificial intelligence, Cloud security, Cybercrime, cybersecurity, Malware, Privacy, ransomware, Threatsday Bulletin, Vulnerabilityhttps://thehackernews.com/2026/03/new-perseus-android-banking-malware.html2026-03-19T18:17:54+05:30The Hacker Newsen2026-03-19T18:13:00+05:30New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive DataAndroid, banking malware, cryptocurrency, cybersecurity, Malware, mobile security, Phishing, Threat Intelligencehttps://thehackernews.com/2026/03/how-ceros-gives-security-teams.html2026-03-19T16:28:00+05:30The Hacker Newsen2026-03-19T16:28:00+05:30How Ceros Gives Security Teams Visibility and Control in Claude Codeartificial intelligence, Cloud security, Compliance, cybersecurity, data protection, DevSecOps, endpoint security, enterprise security, threat detectionhttps://thehackernews.com/2026/03/darksword-ios-exploit-kit-uses-6-flaws.html2026-03-23T23:12:34+05:30The Hacker Newsen2026-03-19T14:44:00+05:30DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeovercyber espionage, cybersecurity, exploit kit, iOS, Malware, surveillance, Threat Intelligence, Vulnerability, zero-dayhttps://thehackernews.com/2026/03/cisa-warns-of-zimbra-sharepoint-flaw.html2026-03-20T10:06:46+05:30The Hacker Newsen2026-03-19T11:35:00+05:30CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attackscisco, Cloud security, cybersecurity, Malware, network security, ransomware, Threat Intelligence, Vulnerability, zero-dayhttps://thehackernews.com/2026/03/ofac-sanctions-dprk-it-worker-network.html2026-03-19T09:42:26+05:30The Hacker Newsen2026-03-18T22:56:00+05:30OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobsartificial intelligence, cryptocurrency, cybersecurity, data theft, identity theft, insider threat, Malware, North Korea, Sanctions, social engineeringhttps://thehackernews.com/2026/03/interlock-ransomware-exploits-cisco-fmc.html2026-03-21T12:33:42+05:30The Hacker Newsen2026-03-18T21:30:00+05:30Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Accesscisco, Cloud security, cybersecurity, Malware, network security, ransomware, Threat Intelligence, Vulnerability, zero-dayhttps://thehackernews.com/2026/03/critical-telnetd-flaw-cve-2026-32746.html2026-03-20T21:11:46+05:30The Hacker Newsen2026-03-18T18:00:00+05:30Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCEcybersecurity, data protection, linux, network security, Open Source, remote code execution, system security, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/claude-code-security-and-magecart.html2026-03-18T17:28:00+05:30The Hacker Newsen2026-03-18T17:28:00+05:30Claude Code Security and Magecart: Getting the Threat Model RightCDN Security, cybersecurity, data exfiltration, JavaScript, Magecart, supply chain attack, web securityhttps://thehackernews.com/2026/03/9-critical-ip-kvm-flaws-enable.html2026-03-18T17:12:19+05:30The Hacker Newsen2026-03-18T17:12:00+05:309 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendorscybersecurity, data security, firmware, hardware security, iot security, network security, Threat Intelligence, Vulnerabilityhttps://thehackernews.com/2026/03/product-walkthrough-how-mesh-csma.html2026-03-18T20:19:26+05:30The Hacker Newsen2026-03-18T16:00:00+05:30Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown JewelsAttack Surface Management, Cloud security, cybersecurity, data security, Identity Security, Risk management, threat detection, Threat Intelligence, vulnerability managementhttps://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html2026-03-19T00:45:21+05:30The Hacker Newsen2026-03-18T13:38:00+05:30Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploitcybersecurity, endpoint security, linux, Open Source, privilege escalation, system security, Ubuntu, Vulnerabilityhttps://thehackernews.com/2026/03/apple-fixes-webkit-vulnerability.html2026-03-18T12:01:22+05:30The Hacker Newsen2026-03-18T12:01:00+05:30Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOSApple, browser security, cybersecurity, iOS, MacOS, Patch Management, Vulnerability, WebKit, zero-dayhttps://thehackernews.com/2026/03/ai-flaws-in-amazon-bedrock-langsmith.html2026-03-17T22:09:05+05:30The Hacker Newsen2026-03-17T22:09:00+05:30AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCEAmazon Web Services, artificial intelligence, Cloud security, cybersecurity, Open Source, remote code execution, Threat Intelligence, Vulnerability