The Hacker News

The Hacker Newshttps://thehackernews.comMost trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.comen-usFri, 24 Apr 2026 18:43:48 +0530hourly1Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Enginehttps://thehackernews.com/2026/04/bridging-ai-agent-authority-gap.htmlhttps://thehackernews.com/2026/04/bridging-ai-agent-authority-gap.htmlFri, 24 Apr 2026 17:19:00 +0530info@thehackernews.com (The Hacker News)26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phraseshttps://thehackernews.com/2026/04/26-fakewallet-apps-found-on-apple-app.htmlhttps://thehackernews.com/2026/04/26-fakewallet-apps-found-on-apple-app.htmlFri, 24 Apr 2026 17:18:00 +0530info@thehackernews.com (The Hacker News)Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2https://thehackernews.com/2026/04/tropic-trooper-uses-trojanized.htmlhttps://thehackernews.com/2026/04/tropic-trooper-uses-trojanized.htmlFri, 24 Apr 2026 14:59:00 +0530info@thehackernews.com (The Hacker News)LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosurehttps://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.htmlhttps://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.htmlFri, 24 Apr 2026 12:54:00 +0530info@thehackernews.com (The Hacker News)UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malwarehttps://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.htmlhttps://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.htmlThu, 23 Apr 2026 23:46:00 +0530info@thehackernews.com (The Hacker News)Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignhttps://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.htmlhttps://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.htmlThu, 23 Apr 2026 19:12:00 +0530info@thehackernews.com (The Hacker News)ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Storieshttps://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.htmlhttps://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.htmlThu, 23 Apr 2026 18:47:00 +0530info@thehackernews.com (The Hacker News)[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speedhttps://thehackernews.com/2026/04/webinar-mythos-reality-check-beating.htmlhttps://thehackernews.com/2026/04/webinar-mythos-reality-check-beating.htmlThu, 23 Apr 2026 17:33:00 +0530info@thehackernews.com (The Hacker News)Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?https://thehackernews.com/2026/04/project-glasswing-proved-ai-can-find.htmlhttps://thehackernews.com/2026/04/project-glasswing-proved-ai-can-find.htmlThu, 23 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoorshttps://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.htmlhttps://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.htmlThu, 23 Apr 2026 14:34:00 +0530info@thehackernews.com (The Hacker News)Vercel Finds More Compromised Accounts in Context.ai-Linked Breachhttps://thehackernews.com/2026/04/vercel-finds-more-compromised-accounts.htmlhttps://thehackernews.com/2026/04/vercel-finds-more-compromised-accounts.htmlThu, 23 Apr 2026 14:10:00 +0530info@thehackernews.com (The Hacker News)Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messageshttps://thehackernews.com/2026/04/apple-patches-ios-flaw-that-stored.htmlhttps://thehackernews.com/2026/04/apple-patches-ios-flaw-that-stored.htmlThu, 23 Apr 2026 13:36:00 +0530info@thehackernews.com (The Hacker News)Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chainhttps://thehackernews.com/2026/04/malicious-kics-docker-images-and-vs.htmlhttps://thehackernews.com/2026/04/malicious-kics-docker-images-and-vs.htmlWed, 22 Apr 2026 23:25:00 +0530info@thehackernews.com (The Hacker News)Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokenshttps://thehackernews.com/2026/04/self-propagating-supply-chain-worm.htmlhttps://thehackernews.com/2026/04/self-propagating-supply-chain-worm.htmlWed, 22 Apr 2026 23:03:00 +0530info@thehackernews.com (The Hacker News)Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph APIhttps://thehackernews.com/2026/04/harvester-deploys-linux-gogra-backdoor.htmlhttps://thehackernews.com/2026/04/harvester-deploys-linux-gogra-backdoor.htmlWed, 22 Apr 2026 20:58:00 +0530info@thehackernews.com (The Hacker News)Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attackhttps://thehackernews.com/2026/04/lotus-wiper-malware-targets-venezuelan.htmlhttps://thehackernews.com/2026/04/lotus-wiper-malware-targets-venezuelan.htmlWed, 22 Apr 2026 16:25:00 +0530info@thehackernews.com (The Hacker News)Toxic Combinations: When Cross-App Permissions Stack into Riskhttps://thehackernews.com/2026/04/toxic-combinations-when-cross-app.htmlhttps://thehackernews.com/2026/04/toxic-combinations-when-cross-app.htmlWed, 22 Apr 2026 16:11:36 +0530info@thehackernews.com (The Hacker News)Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bughttps://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.htmlhttps://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.htmlWed, 22 Apr 2026 14:59:00 +0530info@thehackernews.com (The Hacker News)Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circleshttps://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.htmlhttps://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.htmlWed, 22 Apr 2026 13:28:00 +0530info@thehackernews.com (The Hacker News)Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escapehttps://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.htmlhttps://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.htmlWed, 22 Apr 2026 12:46:00 +0530info@thehackernews.com (The Hacker News)SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operationhttps://thehackernews.com/2026/04/systembc-c2-server-reveals-1570-victims.htmlhttps://thehackernews.com/2026/04/systembc-c2-server-reveals-1570-victims.htmlTue, 21 Apr 2026 23:48:00 +0530info@thehackernews.com (The Hacker News)22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Convertershttps://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.htmlhttps://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.htmlTue, 21 Apr 2026 21:16:00 +0530info@thehackernews.com (The Hacker News)Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023https://thehackernews.com/2026/04/ransomware-negotiator-pleads-guilty-to.htmlhttps://thehackernews.com/2026/04/ransomware-negotiator-pleads-guilty-to.htmlTue, 21 Apr 2026 20:01:00 +0530info@thehackernews.com (The Hacker News)5 Places where Mature SOCs Keep MTTR Fast and Others Waste Timehttps://thehackernews.com/2026/04/5-places-where-mature-socs-keep-mttr.htmlhttps://thehackernews.com/2026/04/5-places-where-mature-socs-keep-mttr.htmlTue, 21 Apr 2026 18:30:00 +0530info@thehackernews.com (The Hacker News)NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINshttps://thehackernews.com/2026/04/ngate-campaign-targets-brazil.htmlhttps://thehackernews.com/2026/04/ngate-campaign-targets-brazil.htmlTue, 21 Apr 2026 18:15:00 +0530info@thehackernews.com (The Hacker News)No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attackshttps://thehackernews.com/2026/04/no-exploit-needed-how-attackers-walk.htmlhttps://thehackernews.com/2026/04/no-exploit-needed-how-attackers-walk.htmlTue, 21 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Executionhttps://thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.htmlhttps://thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.htmlTue, 21 Apr 2026 15:52:00 +0530info@thehackernews.com (The Hacker News)CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlineshttps://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.htmlhttps://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.htmlTue, 21 Apr 2026 11:53:00 +0530info@thehackernews.com (The Hacker News)SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Fileshttps://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.htmlhttps://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.htmlMon, 20 Apr 2026 22:44:00 +0530info@thehackernews.com (The Hacker News)⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & Morehttps://thehackernews.com/2026/04/weekly-recap-vercel-hack-push-fraud.htmlhttps://thehackernews.com/2026/04/weekly-recap-vercel-hack-push-fraud.htmlMon, 20 Apr 2026 19:11:00 +0530info@thehackernews.com (The Hacker News)Why Most AI Deployments Stall After the Demohttps://thehackernews.com/2026/04/why-most-ai-deployments-stall-after-demo.htmlhttps://thehackernews.com/2026/04/why-most-ai-deployments-stall-after-demo.htmlMon, 20 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chainhttps://thehackernews.com/2026/04/anthropic-mcp-design-vulnerability.htmlhttps://thehackernews.com/2026/04/anthropic-mcp-design-vulnerability.htmlMon, 20 Apr 2026 16:12:00 +0530info@thehackernews.com (The Hacker News)Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systemshttps://thehackernews.com/2026/04/researchers-detect-zionsiphon-malware.htmlhttps://thehackernews.com/2026/04/researchers-detect-zionsiphon-malware.htmlMon, 20 Apr 2026 13:04:00 +0530info@thehackernews.com (The Hacker News)Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentialshttps://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.htmlhttps://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.htmlMon, 20 Apr 2026 09:05:00 +0530info@thehackernews.com (The Hacker News)[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Datahttps://thehackernews.com/2026/04/webinar-find-and-eliminate-orphaned-non.htmlhttps://thehackernews.com/2026/04/webinar-find-and-eliminate-orphaned-non.htmlSat, 18 Apr 2026 13:37:00 +0530info@thehackernews.com (The Hacker News)$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claimshttps://thehackernews.com/2026/04/1374m-hack-shuts-down-sanctioned-grinex.htmlhttps://thehackernews.com/2026/04/1374m-hack-shuts-down-sanctioned-grinex.htmlSat, 18 Apr 2026 13:29:00 +0530info@thehackernews.com (The Hacker News)Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnethttps://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.htmlhttps://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.htmlSat, 18 Apr 2026 11:31:00 +0530info@thehackernews.com (The Hacker News)Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatchedhttps://thehackernews.com/2026/04/three-microsoft-defender-zero-days.htmlhttps://thehackernews.com/2026/04/three-microsoft-defender-zero-days.htmlFri, 17 Apr 2026 18:51:00 +0530info@thehackernews.com (The Hacker News)Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaulhttps://thehackernews.com/2026/04/google-blocks-83b-policy-violating-ads.htmlhttps://thehackernews.com/2026/04/google-blocks-83b-policy-violating-ads.htmlFri, 17 Apr 2026 16:17:00 +0530info@thehackernews.com (The Hacker News)NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissionshttps://thehackernews.com/2026/04/nist-limits-cve-enrichment-after-263.htmlhttps://thehackernews.com/2026/04/nist-limits-cve-enrichment-after-263.htmlFri, 17 Apr 2026 12:44:00 +0530info@thehackernews.com (The Hacker News)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accountshttps://thehackernews.com/2026/04/operation-poweroff-seizes-53-ddos.htmlhttps://thehackernews.com/2026/04/operation-poweroff-seizes-53-ddos.htmlFri, 17 Apr 2026 11:16:00 +0530info@thehackernews.com (The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitationhttps://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.htmlhttps://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.htmlFri, 17 Apr 2026 08:52:00 +0530info@thehackernews.com (The Hacker News)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffichttps://thehackernews.com/2026/04/newly-discovered-powmix-botnet-hits.htmlhttps://thehackernews.com/2026/04/newly-discovered-powmix-botnet-hits.htmlThu, 16 Apr 2026 23:22:00 +0530info@thehackernews.com (The Hacker News)ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Storieshttps://thehackernews.com/2026/04/threatsday-bulletin-17-year-old-excel.htmlhttps://thehackernews.com/2026/04/threatsday-bulletin-17-year-old-excel.htmlThu, 16 Apr 2026 18:35:00 +0530info@thehackernews.com (The Hacker News)Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Executionhttps://thehackernews.com/2026/04/cisco-patches-four-critical-identity.htmlhttps://thehackernews.com/2026/04/cisco-patches-four-critical-identity.htmlThu, 16 Apr 2026 16:57:00 +0530info@thehackernews.com (The Hacker News)Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attackshttps://thehackernews.com/2026/04/obsidian-plugin-abuse-delivers.htmlhttps://thehackernews.com/2026/04/obsidian-plugin-abuse-delivers.htmlThu, 16 Apr 2026 15:50:00 +0530info@thehackernews.com (The Hacker News)UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaignhttps://thehackernews.com/2026/04/uac-0247-targets-ukrainian-clinics-and.htmlhttps://thehackernews.com/2026/04/uac-0247-targets-ukrainian-clinics-and.htmlThu, 16 Apr 2026 11:50:00 +0530info@thehackernews.com (The Hacker News)n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emailshttps://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.htmlhttps://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.htmlWed, 15 Apr 2026 22:39:00 +0530info@thehackernews.com (The Hacker News)Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeoverhttps://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.htmlhttps://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.htmlWed, 15 Apr 2026 18:26:00 +0530info@thehackernews.com (The Hacker News)April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and Morehttps://thehackernews.com/2026/04/april-patch-tuesday-fixes-critical.htmlhttps://thehackernews.com/2026/04/april-patch-tuesday-fixes-critical.htmlWed, 15 Apr 2026 18:07:00 +0530info@thehackernews.com (The Hacker News)