The Hacker News
210 articles in the Truth Foundry index. Each links out to the original.
- WordPress Core Flaw Enables Unauthenticated Remote Code Execution on Default Installs · WordPress versions 6.9.0-6.9.4 and 7.0.0-7.0.1 contain a pre-auth RCE vulnerability fixed in 6.9.5 and 7.0.2 on July 17, 2026.
- OpenSSL HollowByte Flaw Freezes Server Memory via 11-Byte TLS Requests · OpenSSL's HollowByte bug lets attackers exhaust server memory with tiny TLS handshakes, fixed silently in June releases.
- Seven Malicious npm Packages Target Vite with Blockchain C2 RAT · Checkmarx uncovers seven malicious Vite npm packages using four-tier blockchain C2 on Tron, Aptos, and BSC to deliver a RAT.
- GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft · Expel attributes the April 2026 DigiCert breach to the CylindricalCanine subgroup of the GoldenEyeDog cybercrime group.
- Two Teen Hackers Sentenced to 5.5 Years for £29M TfL Cyberattack · Owen Flowers and Thalha Jubair jailed for hacking Transport for London's network in 2024.
- ThreatsDay: Game Cheats, Ransomware, and Chrome Sync Stalking Exposed · Cybersecurity researchers reveal a week of threats including game cheat spyware, new ransomware, and credential theft campaigns.
- Brazilian Gov Websites Hijacked as Malware Delivery Channels in PhantomEnigma Campaign · ANY.RUN researchers uncovered a campaign hijacking over 20 Brazilian government sites to distribute malware.
- Zoom Patches Critical Windows Flaw Enabling Account Takeover · Zoom releases urgent patches for a critical Windows vulnerability allowing unauthenticated account takeovers.
- SASE Security Gaps Exposed by AI and Modern Browser Workflows · Traditional SASE fails to inspect AI-driven browser interactions, forcing a shift to endpoint enforcement.
- Researcher Releases Windows Zero-Day PoC Despite Microsoft Patch Tuesday · Security researcher Chaotic Eclipse released a Windows User Profile Service exploit functional on patched systems.
- Webinar Explains How to Close the AI-Era Approval Gap in Ad Tech · Reflectiz and Taboola host a webinar on closing the security gap between approved marketing tags and actual site execution.
- Cursor IDE Flaw Lets Malicious git.exe in Repo Root Execute Arbitrary Code on Windows · Cursor IDE on Windows runs any git.exe found in a project root without user approval, enabling remote code execution.
- RabbitMQ Flaws Leak OAuth Secrets and Expose Cross-Tenant Data · Security researchers found two RabbitMQ flaws leaking OAuth secrets and exposing tenant data.
- 11 Old Microsoft-Signed Linux UEFI Shims Bypass Secure Boot · Researchers found 11 vulnerable UEFI shims that bypass Secure Boot protections on modern systems.
- Study Reveals 85 Crypto Wallet Extensions Leak User Addresses for Tracking · KU Leuven researchers found 85 popular crypto wallet extensions leak user addresses, enabling cross-site tracking and identity linking.
- Pentera Integrates Validation Data into AI Security Workflows via MCP · Pentera launches an MCP server to feed validated attack evidence into AI security agents.
- 148 NPM Packages Turned Student Browsers Into DDoS Botnet · Malicious npm packages hijacked student browsers to launch a distributed denial-of-service attack.
- Meta Files Patent for AI That Monitors Voice, Eyes, and Mood All Day · Meta's new patent describes an AI system that continuously tracks emotional states via voice, biometrics, and device usage.
- Threat Actor Uses AI-Generated PowerShell Script to Map Active Directory · Huntress researchers identify an intrusion where an attacker used an AI-generated PowerShell script to enumerate Active Directory.
- Critical Zimbra Stored XSS Flaw Enables Malicious Code in User Sessions · Zimbra warns of critical stored XSS vulnerability allowing arbitrary code execution via crafted emails in Classic Web Client
- Progress Software Orders ShareFile Customers to Shut Down Controllers Over Security Threat · Progress Software has ordered ShareFile customers to shut down Storage Zone Controllers due to a credible external security threat.
- Injective Labs GitHub Compromised to Push Wallet-Key-Stealing npm Packages · Hackers compromised Injective Labs GitHub to release malware stealing crypto wallet keys via npm packages
- Six U-Boot Bootloader Flaws Allow Code Execution or Device Crashes · Researchers found six U-Boot vulnerabilities enabling pre-boot code execution or system crashes.
- Laser Attack Resets Tangem Wallet Passwords on Unpatchable Cards · Ledger researchers demonstrate laser fault injection resets Tangem wallet passwords without old credentials
- WhatsApp-to-Host Attack Chain Exploits Three OpenClaw AI Flaws · Security researcher reveals how WhatsApp messages can trigger host code execution via three patched OpenClaw vulnerabilities
- Zscaler Webinar Teaches Defense Against AI-Powered Cyberattacks · Zscaler hosts free webinar on Zero Trust strategies to counter rapid AI-driven cyber threats
- Athena Clearinghouse Pools Pre-Disclosure Vulnerabilities to Combat Rapid Exploitation · Athena aggregates pre-disclosure vulnerabilities across open source to address the negative seven-day mean time to exploit.
- GodDamn Ransomware Uses Microsoft-Signed PoisonX Driver to Disable Defenses · GodDamn ransomware utilizes the malicious PoisonX driver to neutralize endpoint security software.
- Microsoft Patches Defender Flaw Allowing SYSTEM Privilege Escalation · Microsoft releases update for RoguePlanet vulnerability in Malware Protection Engine.
- Meta's Muse Image Tool Uses Public Instagram Photos for AI Generation by Default · Meta's new Muse Image AI tool automatically uses public Instagram content to generate images without user notification.