New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation... 2026-5-14 07:6:15 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com dirty frag xfrm v12

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE Vulnerability / Web ServerCybersecurity researchers have disclosed multiple security vulnerabiliti... 2026-5-14 06:0:9 | 阅读: 40 | 收藏 | The Hacker News - thehackernews.com attacker remote ngx 2026 directive

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday Vulnerability / Artificial IntelligenceMicrosoft has unveiled a new multi-model artificial intelli... 2026-5-13 13:46:2 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com mdash agents windows agentic

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation Cyber Espionage / MalwareA threat actor with affiliations to China has been linked to a "multi-wav... 2026-5-13 13:0:0 | 阅读: 39 | 收藏 | The Hacker News - thehackernews.com deed 2026 terndoor loader bitdefender

[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It) TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how... 2026-5-13 11:52:43 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com cloud toast briefing lethal okta

Most Remediation Programs Never Confirm the Fix Actually Worked Cloud Security / AutomationSecurity teams have never had better visibility into their environments... 2026-5-13 11:30:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com security exposure validated consolidate

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfo... 2026-5-13 10:36:10 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com attacker 2026 microsoft network security

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data Software Supply Chain / Data ExfiltrationCybersecurity researchers are calling attention to a new... 2026-5-13 08:8:54 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com rubygems gem scraped gems council

Android Adds Intrusion Logging for Sophisticated Spyware Forensics Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forens... 2026-5-13 06:55:42 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com security decrypted expanding chrome

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Vulnerability / Email SecurityExim has released security updates to address a severe security issu... 2026-5-12 16:44:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com exim bdat security corruption xbow

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Supply Chain Attack / Software SecurityRubyGems, the standard package manager for the Ruby program... 2026-5-12 14:47:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com software rubygems malicious temporarily paused

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Malware / Mobile SecurityCybersecurity researchers have flagged a new version of the TrickMo Andro... 2026-5-12 12:50:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com network trickmo ton proxy

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help Threat Detection / AI SecurityWhy do the Riskiest SOC Alerts Go Unanswered?Security operations te... 2026-5-12 11:58:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com security radiant triage gap webinar

Why Agentic AI Is Security's Next Blind Spot Agentic AI is already running in production environments across many organizations today. It is exe... 2026-5-12 10:30:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com security agents agentic

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages Supply Chain Attack / MalwareTeamPCP, the threat actor behind the recent supply chain attack spree... 2026-5-12 08:50:0 | 阅读: 50 | 收藏 | The Hacker News - thehackernews.com github tanstack pypi malicious squawk

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak Vulnerability / Network SecurityAmerican educational technology company Instructure, the parent co... 2026-5-12 07:37:0 | 阅读: 40 | 收藏 | The Hacker News - thehackernews.com instructure extortion agreement parents

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation Vulnerability / AI SecurityOpenAI has launched Daybreak, a new cybersecurity initiative that bring... 2026-5-12 06:55:0 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com security openai codex gpt daybreak

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android Encryption / Mobile SecurityApple on Monday officially released iOS 26.5 with support for end-to-e... 2026-5-12 05:18:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com rcs e2ee gsma encryption

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack Supply Chain Attack / DevSecOpsCheckmarx has confirmed that a modified version of the Jenkins AST... 2026-5-11 18:30:0 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com checkmarx teampcp jenkins github repository

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor Vulnerability / RansomwareA threat actor named Mr_Rot13 has been attributed to the exploitation of... 2026-5-11 17:54:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com xlab cpanel remote rot13 php