Search results for Cybersecurity Conference 2026 | Breaking Cybersecurity News | The Hacker News

Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks. There are also new malware tricks showing attackers are becoming more patient and creative. It’s a mix of old problems that never go away and new methods that are harder to detect. There are quiet state-backed activities, exposed data from open directories, growing mobile threats, and a steady stream of zero-days and rushed patches. Grab a coffee, and at least skim the CVE list. Some of these are the kind you don’t want to discover after the damage is done. ⚡ Threat of the Week Trivy Vulnerability Scanner Breached in for Supply Chain Attack — Attackers have backdoored the widely used open-source Trivy vulnerability scanner, ...

Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are familiar. Across devices, cloud services, research labs, and even everyday apps, the line between normal behavior and hidden risk keeps getting thinner. Tools meant to protect, update, or improve systems are also becoming pathways when something goes wrong. This recap gathers the signals in one place. Quick reads, real impact, and developments that deserve a closer look before they become next week’s bigger problem. ⚡ Threat of the Week Dell RecoverPoint for VMs Zero-Day Exploited — A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024. The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a ca...

Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in the fall of 2025. The Solana-based decentralized exchange described it as "an attack six months in the making," attributing it with medium confidence to a North Korean state-sponsored hacking group dubbed UNC4736 , which is also tracked under the cyptonyms AppleJeus, Citrine Sleet, Golden Chollima, and Gleaming Pisces. The threat actor has a history of targeting the cryptocurrency sector for financial theft since at least 2018. It's best known for the X_TRADER/3CX supply chain breach in 2023 and the $53 million hack of decentralized finance (DeFi) platform Radiant Capital in October 2024. "The basis for this connection is both on-chain (f...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet. It was resolved by Broadcom in June 2024, along with CVE-2024-37080, another heap overflow in the implementation of the DCE/RPC protocol that could lead to remote code execution. Chinese cybersecurity company QiAnXin LegendSec researchers Hao Zheng and Zibo Li were credited with discovering and reporting the issues. In a presentation at the Black Hat Asia security conference in April 2025, the researchers said ...

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probably shouldn’t even be touching. There’s a little bit of everything in this one, too. Weird delivery tricks, old problems coming back in slightly worse forms, shady infrastructure doing shady infrastructure things, and the usual reminder that if criminals find a workflow annoying, they’ll just make a new one by Friday. Efficient little parasites. You almost have to respect the commitment. A few of these updates have that nasty “yeah, that tracks” energy. Stuff that sounds niche right up until you picture it landing in a real environment with real users clicking real nonsense because they’re busy and tired and just trying to get through the day. Then it stops being abstract pretty fast. So yeah, this week’s ThreatsDay Bulletin is a solid scroll-befor...