PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux Malware / Threat IntelligenceCybersecurity researchers have discovered three packages on the Pytho... 2026-5-7 09:20:0 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com pypi zichatbot c2 windows

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution Vulnerability / Software SecurityA dozen critical security vulnerabilities have been disclosed in... 2026-5-7 04:15:0 | 阅读: 38 | 收藏 | The Hacker News - thehackernews.com 2026 affects attacker permits vm2

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1... 2026-5-6 20:21:0 | 阅读: 62 | 收藏 | The Hacker News - thehackernews.com hunt bandwidth xlabs tier boxes

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and S... 2026-5-6 13:0:0 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com ransomware microsoft extortion rapid7 remote

The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open Security Leadership / Industry RecognitionFor nearly 20 years, we at The Hacker News have mostly t... 2026-5-6 12:3:0 | 阅读: 38 | 收藏 | The Hacker News - thehackernews.com awards security 2026 innovation

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing? Analysts recently confirmed what identity security teams have quietly feared: AI agents are being d... 2026-5-6 10:57:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com agents orchid security identities machine

Google's Android Apps Get Public Verification to Stop Supply Chain Attacks Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem f... 2026-5-6 09:13:0 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com software security developers initiative

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs Endpoint Security / Threat IntelligenceCybersecurity researchers have disclosed details of an intr... 2026-5-6 08:34:0 | 阅读: 37 | 收藏 | The Hacker News - thehackernews.com cloudz pheno c2 windows exfiltrate

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution Vulnerability / Network SecurityPalo Alto Networks has released an advisory warning that a critica... 2026-5-6 06:14:0 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com pan alto palo h6

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE Vulnerability / Server SecurityThe Apache Software Foundation (ASF) has released security updates... 2026-5-5 16:19:0 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com dmitruk 23918 security http2 2026

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware Endpoint Security / Software SecurityA newly identified supply chain attack targeting DAEMON Tools... 2026-5-5 16:7:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com software security 2026 russia installers

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions Network Security / Endpoint SecurityA sophisticated China-nexus advanced persistent threat (APT) g... 2026-5-5 14:19:0 | 阅读: 33 | 收藏 | The Hacker News - thehackernews.com uat 8302 earth vshell assessed

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed Every AI tool, workflow automation, and productivity app your employees connected to Google or Micr... 2026-5-5 11:58:0 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com security grants monitoring drift

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks Vulnerability / Network SecurityThreat actors are actively exploiting a critical security flaw imp... 2026-5-5 11:56:0 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com metinfo security php 2026 remote

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is While the software industry has made genuine strides over the past few decades to deliver products... 2026-5-5 10:30:0 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com chatbots security llm attacker

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows Cyber Espionage / SurveillanceThe North Korea-aligned state-sponsored hacking group known as ScarC... 2026-5-5 09:7:0 | 阅读: 34 | 收藏 | The Hacker News - thehackernews.com windows birdcall sqgame rokrat north

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API Vulnerability / Network SecurityA critical security vulnerability in Weaver (Fanwei) E-cology, an... 2026-5-5 07:37:0 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com 2026 security weaver attacker cology

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a com... 2026-5-5 06:35:0 | 阅读: 33 | 收藏 | The Hacker News - thehackernews.com phishing microsoft 2026 malicious captcha

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools Network Security / Endpoint SecurityAn active phishing campaign has been observed targeting multip... 2026-5-4 18:6:0 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com simplehelp remote security victim attacker

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass Vulnerability / Enterprise SoftwareProgress Software has released updates to address two security... 2026-5-4 16:34:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com moveit software bypass