Category: TheHackerNews

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
28
Feb
2026

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused…

Share: X : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementFacebook : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementLinkedin : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementReddit : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementTelegram : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementWhatsApp : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API EnablementEmail : Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
Pentagon Designates Anthropic
28
Feb
2026

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute

Ravie LakshmananFeb 28, 2026National Security / Artificial Intelligence Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth…

Share: X : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeFacebook : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeLinkedin : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeReddit : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeTelegram : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeWhatsApp : Pentagon Designates Anthropic Supply Chain Risk Over AI Military DisputeEmail : Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
27
Feb
2026

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

Ravie LakshmananFeb 27, 2026Financial Crime / Social Engineering The U.S. Department of Justice (DoJ) this week announced the seizure of…

Share: X : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsFacebook : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsLinkedin : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsReddit : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsTelegram : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsWhatsApp : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto ScamsEmail : DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
27
Feb
2026

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Ravie LakshmananFeb 27, 2026Network Security / Vulnerability The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain…

Share: X : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksFacebook : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksLinkedin : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksReddit : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksTelegram : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksWhatsApp : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell AttacksEmail : 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Rekoobe Backdoor
27
Feb
2026

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

Ravie LakshmananFeb 27, 2026Malware / Linux Security Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to…

Share: X : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorFacebook : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorLinkedin : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorReddit : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorTelegram : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorWhatsApp : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe BackdoorEmail : Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
27
Feb
2026

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh…

Share: X : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksFacebook : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksLinkedin : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksReddit : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksTelegram : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksWhatsApp : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped NetworksEmail : ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
27
Feb
2026

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Ravie LakshmananFeb 27, 2026Endpoint Security / Windows Security Threat actors are luring unsuspecting users into running trojanized gaming utilities that…

Share: X : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsFacebook : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsLinkedin : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsReddit : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsTelegram : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsWhatsApp : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat PlatformsEmail : Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
27
Feb
2026

Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams

Ravie LakshmananFeb 27, 2026Online Scam / Digital Advertising Meta on Thursday said it’s taking legal action to tackle scams on…

Share: X : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsFacebook : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsLinkedin : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsReddit : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsTelegram : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsWhatsApp : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait ScamsEmail : Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
26
Feb
2026

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure…

Share: X : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownFacebook : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownLinkedin : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownReddit : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownTelegram : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownWhatsApp : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade TakedownEmail : Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
26
Feb
2026

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor

Ravie LakshmananFeb 26, 2026Malware / Threat Intelligence A previously undocumented threat activity cluster has been attributed to an ongoing malicious…

Share: X : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorFacebook : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorLinkedin : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorReddit : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorTelegram : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorWhatsApp : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor BackdoorEmail : UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor
Expert Recommends: Prepare for PQC Right Now
26
Feb
2026

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things…

Share: X : Expert Recommends: Prepare for PQC Right NowFacebook : Expert Recommends: Prepare for PQC Right NowLinkedin : Expert Recommends: Prepare for PQC Right NowReddit : Expert Recommends: Prepare for PQC Right NowTelegram : Expert Recommends: Prepare for PQC Right NowWhatsApp : Expert Recommends: Prepare for PQC Right NowEmail : Expert Recommends: Prepare for PQC Right Now
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
26
Feb
2026

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Ravie LakshmananFeb 26, 2026Malware / Software Security Cybersecurity researchers have disclosed details of a new malicious package discovered on the…

Share: X : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensFacebook : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensLinkedin : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensReddit : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensTelegram : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensWhatsApp : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API TokensEmail : Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens