The Hacker News

The Hacker Newshttps://thehackernews.comMost trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.comen-usWed, 22 Apr 2026 14:35:41 +0530hourly1Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bughttps://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.htmlhttps://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.htmlWed, 22 Apr 2026 14:59:00 +0530info@thehackernews.com (The Hacker News)Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circleshttps://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.htmlhttps://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.htmlWed, 22 Apr 2026 13:28:00 +0530info@thehackernews.com (The Hacker News)Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escapehttps://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.htmlhttps://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.htmlWed, 22 Apr 2026 12:46:00 +0530info@thehackernews.com (The Hacker News)SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operationhttps://thehackernews.com/2026/04/systembc-c2-server-reveals-1570-victims.htmlhttps://thehackernews.com/2026/04/systembc-c2-server-reveals-1570-victims.htmlTue, 21 Apr 2026 23:48:00 +0530info@thehackernews.com (The Hacker News)22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Convertershttps://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.htmlhttps://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.htmlTue, 21 Apr 2026 21:16:00 +0530info@thehackernews.com (The Hacker News)Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023https://thehackernews.com/2026/04/ransomware-negotiator-pleads-guilty-to.htmlhttps://thehackernews.com/2026/04/ransomware-negotiator-pleads-guilty-to.htmlTue, 21 Apr 2026 20:01:00 +0530info@thehackernews.com (The Hacker News)5 Places where Mature SOCs Keep MTTR Fast and Others Waste Timehttps://thehackernews.com/2026/04/5-places-where-mature-socs-keep-mttr.htmlhttps://thehackernews.com/2026/04/5-places-where-mature-socs-keep-mttr.htmlTue, 21 Apr 2026 18:30:00 +0530info@thehackernews.com (The Hacker News)NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINshttps://thehackernews.com/2026/04/ngate-campaign-targets-brazil.htmlhttps://thehackernews.com/2026/04/ngate-campaign-targets-brazil.htmlTue, 21 Apr 2026 18:15:00 +0530info@thehackernews.com (The Hacker News)No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attackshttps://thehackernews.com/2026/04/no-exploit-needed-how-attackers-walk.htmlhttps://thehackernews.com/2026/04/no-exploit-needed-how-attackers-walk.htmlTue, 21 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Executionhttps://thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.htmlhttps://thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.htmlTue, 21 Apr 2026 15:52:00 +0530info@thehackernews.com (The Hacker News)CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlineshttps://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.htmlhttps://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.htmlTue, 21 Apr 2026 11:53:00 +0530info@thehackernews.com (The Hacker News)SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Fileshttps://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.htmlhttps://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.htmlMon, 20 Apr 2026 22:44:00 +0530info@thehackernews.com (The Hacker News)⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & Morehttps://thehackernews.com/2026/04/weekly-recap-vercel-hack-push-fraud.htmlhttps://thehackernews.com/2026/04/weekly-recap-vercel-hack-push-fraud.htmlMon, 20 Apr 2026 19:11:00 +0530info@thehackernews.com (The Hacker News)Why Most AI Deployments Stall After the Demohttps://thehackernews.com/2026/04/why-most-ai-deployments-stall-after-demo.htmlhttps://thehackernews.com/2026/04/why-most-ai-deployments-stall-after-demo.htmlMon, 20 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chainhttps://thehackernews.com/2026/04/anthropic-mcp-design-vulnerability.htmlhttps://thehackernews.com/2026/04/anthropic-mcp-design-vulnerability.htmlMon, 20 Apr 2026 16:12:00 +0530info@thehackernews.com (The Hacker News)Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systemshttps://thehackernews.com/2026/04/researchers-detect-zionsiphon-malware.htmlhttps://thehackernews.com/2026/04/researchers-detect-zionsiphon-malware.htmlMon, 20 Apr 2026 13:04:00 +0530info@thehackernews.com (The Hacker News)Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentialshttps://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.htmlhttps://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.htmlMon, 20 Apr 2026 09:05:00 +0530info@thehackernews.com (The Hacker News)[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Datahttps://thehackernews.com/2026/04/webinar-find-and-eliminate-orphaned-non.htmlhttps://thehackernews.com/2026/04/webinar-find-and-eliminate-orphaned-non.htmlSat, 18 Apr 2026 13:37:00 +0530info@thehackernews.com (The Hacker News)$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claimshttps://thehackernews.com/2026/04/1374m-hack-shuts-down-sanctioned-grinex.htmlhttps://thehackernews.com/2026/04/1374m-hack-shuts-down-sanctioned-grinex.htmlSat, 18 Apr 2026 13:29:00 +0530info@thehackernews.com (The Hacker News)Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnethttps://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.htmlhttps://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.htmlSat, 18 Apr 2026 11:31:00 +0530info@thehackernews.com (The Hacker News)Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatchedhttps://thehackernews.com/2026/04/three-microsoft-defender-zero-days.htmlhttps://thehackernews.com/2026/04/three-microsoft-defender-zero-days.htmlFri, 17 Apr 2026 18:51:00 +0530info@thehackernews.com (The Hacker News)Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaulhttps://thehackernews.com/2026/04/google-blocks-83b-policy-violating-ads.htmlhttps://thehackernews.com/2026/04/google-blocks-83b-policy-violating-ads.htmlFri, 17 Apr 2026 16:17:00 +0530info@thehackernews.com (The Hacker News)NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissionshttps://thehackernews.com/2026/04/nist-limits-cve-enrichment-after-263.htmlhttps://thehackernews.com/2026/04/nist-limits-cve-enrichment-after-263.htmlFri, 17 Apr 2026 12:44:00 +0530info@thehackernews.com (The Hacker News)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accountshttps://thehackernews.com/2026/04/operation-poweroff-seizes-53-ddos.htmlhttps://thehackernews.com/2026/04/operation-poweroff-seizes-53-ddos.htmlFri, 17 Apr 2026 11:16:00 +0530info@thehackernews.com (The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitationhttps://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.htmlhttps://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.htmlFri, 17 Apr 2026 08:52:00 +0530info@thehackernews.com (The Hacker News)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffichttps://thehackernews.com/2026/04/newly-discovered-powmix-botnet-hits.htmlhttps://thehackernews.com/2026/04/newly-discovered-powmix-botnet-hits.htmlThu, 16 Apr 2026 23:22:00 +0530info@thehackernews.com (The Hacker News)ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Storieshttps://thehackernews.com/2026/04/threatsday-bulletin-17-year-old-excel.htmlhttps://thehackernews.com/2026/04/threatsday-bulletin-17-year-old-excel.htmlThu, 16 Apr 2026 18:35:00 +0530info@thehackernews.com (The Hacker News)Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Executionhttps://thehackernews.com/2026/04/cisco-patches-four-critical-identity.htmlhttps://thehackernews.com/2026/04/cisco-patches-four-critical-identity.htmlThu, 16 Apr 2026 16:57:00 +0530info@thehackernews.com (The Hacker News)Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attackshttps://thehackernews.com/2026/04/obsidian-plugin-abuse-delivers.htmlhttps://thehackernews.com/2026/04/obsidian-plugin-abuse-delivers.htmlThu, 16 Apr 2026 15:50:00 +0530info@thehackernews.com (The Hacker News)UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaignhttps://thehackernews.com/2026/04/uac-0247-targets-ukrainian-clinics-and.htmlhttps://thehackernews.com/2026/04/uac-0247-targets-ukrainian-clinics-and.htmlThu, 16 Apr 2026 11:50:00 +0530info@thehackernews.com (The Hacker News)n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emailshttps://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.htmlhttps://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.htmlWed, 15 Apr 2026 22:39:00 +0530info@thehackernews.com (The Hacker News)Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeoverhttps://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.htmlhttps://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.htmlWed, 15 Apr 2026 18:26:00 +0530info@thehackernews.com (The Hacker News)April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and Morehttps://thehackernews.com/2026/04/april-patch-tuesday-fixes-critical.htmlhttps://thehackernews.com/2026/04/april-patch-tuesday-fixes-critical.htmlWed, 15 Apr 2026 18:07:00 +0530info@thehackernews.com (The Hacker News)Deterministic + Agentic AI: The Architecture Exposure Validation Requireshttps://thehackernews.com/2026/04/deterministic-agentic-ai-architecture.htmlhttps://thehackernews.com/2026/04/deterministic-agentic-ai-architecture.htmlWed, 15 Apr 2026 17:00:00 +0530info@thehackernews.com (The Hacker News)Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilitieshttps://thehackernews.com/2026/04/microsoft-issues-patches-for-sharepoint.htmlhttps://thehackernews.com/2026/04/microsoft-issues-patches-for-sharepoint.htmlWed, 15 Apr 2026 14:10:00 +0530info@thehackernews.com (The Hacker News)OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teamshttps://thehackernews.com/2026/04/openai-launches-gpt-54-cyber-with.htmlhttps://thehackernews.com/2026/04/openai-launches-gpt-54-cyber-with.htmlWed, 15 Apr 2026 10:00:00 +0530info@thehackernews.com (The Hacker News)New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Releasedhttps://thehackernews.com/2026/04/new-php-composer-flaws-enable-arbitrary.htmlhttps://thehackernews.com/2026/04/new-php-composer-flaws-enable-arbitrary.htmlTue, 14 Apr 2026 21:27:00 +0530info@thehackernews.com (The Hacker News)Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Securityhttps://thehackernews.com/2026/04/google-adds-rust-based-dns-parser-into.htmlhttps://thehackernews.com/2026/04/google-adds-rust-based-dns-parser-into.htmlTue, 14 Apr 2026 20:26:00 +0530info@thehackernews.com (The Hacker News)AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraudhttps://thehackernews.com/2026/04/ai-driven-pushpaganda-scam-exploits.htmlhttps://thehackernews.com/2026/04/ai-driven-pushpaganda-scam-exploits.htmlTue, 14 Apr 2026 20:00:00 +0530info@thehackernews.com (The Hacker News)Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Adshttps://thehackernews.com/2026/04/mirax-android-rat-turns-devices-into.htmlhttps://thehackernews.com/2026/04/mirax-android-rat-turns-devices-into.htmlTue, 14 Apr 2026 15:50:00 +0530info@thehackernews.com (The Hacker News)Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)https://thehackernews.com/2026/04/analysis-of-216m-security-findings.htmlhttps://thehackernews.com/2026/04/analysis-of-216m-security-findings.htmlTue, 14 Apr 2026 15:30:00 +0530info@thehackernews.com (The Hacker News)108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Usershttps://thehackernews.com/2026/04/108-malicious-chrome-extensions-steal.htmlhttps://thehackernews.com/2026/04/108-malicious-chrome-extensions-steal.htmlTue, 14 Apr 2026 14:05:00 +0530info@thehackernews.com (The Hacker News)ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servershttps://thehackernews.com/2026/04/showdoc-rce-flaw-cve-2025-0520-actively.htmlhttps://thehackernews.com/2026/04/showdoc-rce-flaw-cve-2025-0520-actively.htmlTue, 14 Apr 2026 11:20:00 +0530info@thehackernews.com (The Hacker News)CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Softwarehttps://thehackernews.com/2026/04/cisa-adds-6-known-exploited-flaws-in.htmlhttps://thehackernews.com/2026/04/cisa-adds-6-known-exploited-flaws-in.htmlTue, 14 Apr 2026 11:09:00 +0530info@thehackernews.com (The Hacker News)JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025https://thehackernews.com/2026/04/janelarat-malware-targets-latin.htmlhttps://thehackernews.com/2026/04/janelarat-malware-targets-latin.htmlMon, 13 Apr 2026 22:45:00 +0530info@thehackernews.com (The Hacker News)FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attemptshttps://thehackernews.com/2026/04/fbi-and-indonesian-police-dismantle.htmlhttps://thehackernews.com/2026/04/fbi-and-indonesian-police-dismantle.htmlMon, 13 Apr 2026 20:16:00 +0530info@thehackernews.com (The Hacker News)⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and Morehttps://thehackernews.com/2026/04/weekly-recap-fiber-optic-spying-windows.htmlhttps://thehackernews.com/2026/04/weekly-recap-fiber-optic-spying-windows.htmlMon, 13 Apr 2026 18:31:00 +0530info@thehackernews.com (The Hacker News)Your MTTD Looks Great. Your Post-Alert Gap Doesn'thttps://thehackernews.com/2026/04/your-mttd-looks-great-your-post-alert.htmlhttps://thehackernews.com/2026/04/your-mttd-looks-great-your-post-alert.htmlMon, 13 Apr 2026 17:11:00 +0530info@thehackernews.com (The Hacker News)North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malwarehttps://thehackernews.com/2026/04/north-koreas-apt37-uses-facebook-social.htmlhttps://thehackernews.com/2026/04/north-koreas-apt37-uses-facebook-social.htmlMon, 13 Apr 2026 14:45:00 +0530info@thehackernews.com (The Hacker News)OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incidenthttps://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.htmlhttps://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.htmlMon, 13 Apr 2026 12:20:00 +0530info@thehackernews.com (The Hacker News)