Category: TheHackerNews

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
04
Feb
2026

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Ravie LakshmananFeb 04, 2026Artificial Intelligence / Software Security Microsoft on Wednesday said it built a lightweight scanner that it said…

Share: X : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsFacebook : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsLinkedin : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsReddit : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsTelegram : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsWhatsApp : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language ModelsEmail : Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
04
Feb
2026

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law…

Share: X : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsFacebook : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsLinkedin : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsReddit : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsTelegram : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsWhatsApp : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage CampaignsEmail : China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
04
Feb
2026

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

The Hacker NewsFeb 04, 2026Identity Security / Security Operations An innovative approach to discovering, analyzing, and governing identity usage beyond…

Share: X : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsFacebook : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsLinkedin : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsReddit : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsTelegram : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsWhatsApp : Orchid Security Introduces Continuous Identity Observability for Enterprise ApplicationsEmail : Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
How Early Decisions Shape Incident Response Investigations
04
Feb
2026

How Early Decisions Shape Incident Response Investigations

Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what…

Share: X : How Early Decisions Shape Incident Response InvestigationsFacebook : How Early Decisions Shape Incident Response InvestigationsLinkedin : How Early Decisions Shape Incident Response InvestigationsReddit : How Early Decisions Shape Incident Response InvestigationsTelegram : How Early Decisions Shape Incident Response InvestigationsWhatsApp : How Early Decisions Shape Incident Response InvestigationsEmail : How Early Decisions Shape Incident Response Investigations
macOS via Fake Ads and Installers
04
Feb
2026

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Ravie LakshmananFeb 04, 2026Malvertising / Infostealer Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple…

Share: X : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersFacebook : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersLinkedin : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersReddit : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersTelegram : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersWhatsApp : Microsoft Warns Python Infostealers Target macOS via Fake Ads and InstallersEmail : Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
04
Feb
2026

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

Ravie LakshmananFeb 04, 2026Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical…

Share: X : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogFacebook : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogLinkedin : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogReddit : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogTelegram : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogWhatsApp : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV CatalogEmail : CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Open VSX Extensions
04
Feb
2026

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Ravie LakshmananFeb 04, 2026Supply Chain Security / Secure Coding The Eclipse Foundation, which maintains the Open VSX Registry, has announced…

Share: X : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsFacebook : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsLinkedin : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsReddit : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsTelegram : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsWhatsApp : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX ExtensionsEmail : Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
03
Feb
2026

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Ravie LakshmananFeb 03, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon,…

Share: X : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataFacebook : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataLinkedin : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataReddit : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataTelegram : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataWhatsApp : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image MetadataEmail : Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
03
Feb
2026

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro…

Share: X : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageFacebook : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageLinkedin : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageReddit : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageTelegram : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageWhatsApp : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm PackageEmail : Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Learn What to Build, Buy, and Automate
03
Feb
2026

Learn What to Build, Buy, and Automate

The Hacker NewsFeb 03, 2026Threat Detection / Enterprise Security Most security teams today are buried under tools. Too many dashboards….

Share: X : Learn What to Build, Buy, and AutomateFacebook : Learn What to Build, Buy, and AutomateLinkedin : Learn What to Build, Buy, and AutomateReddit : Learn What to Build, Buy, and AutomateTelegram : Learn What to Build, Buy, and AutomateWhatsApp : Learn What to Build, Buy, and AutomateEmail : Learn What to Build, Buy, and Automate
When Cloud Outages Ripple Across the Internet
03
Feb
2026

When Cloud Outages Ripple Across the Internet

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare…

Share: X : When Cloud Outages Ripple Across the InternetFacebook : When Cloud Outages Ripple Across the InternetLinkedin : When Cloud Outages Ripple Across the InternetReddit : When Cloud Outages Ripple Across the InternetTelegram : When Cloud Outages Ripple Across the InternetWhatsApp : When Cloud Outages Ripple Across the InternetEmail : When Cloud Outages Ripple Across the Internet
Microsoft Office
03
Feb
2026

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

Ravie LakshmananFeb 03, 2026Vulnerability / Malware The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to…

Share: X : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksFacebook : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksLinkedin : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksReddit : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksTelegram : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksWhatsApp : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware AttacksEmail : APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks