Top Stories
Recent Posts
-
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI)…
-
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js…
-
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1…
-
The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open
For nearly 20 years, we at The Hacker News have mostly told…
-
Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to…
-
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
A newly identified supply chain attack targeting DAEMON Tools software has compromised…
-
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation (ASF) has released security updates to address several…
-
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a…
-
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation…
-
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
An active phishing campaign has been observed targeting multiple vectors since at…
