Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen…
Category: TheHackerNews
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Ravie LakshmananApr 22, 2026Cloud Security / Software Security Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. In an…
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
Ravie LakshmananApr 22, 2026Cyber Espionage / Malware The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor…
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Ravie LakshmananApr 22, 2026Malware / Critical Infrastructure Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at…
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of…
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
Ravie LakshmananApr 21, 2026Insider Threat / Cybercrime A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against…
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research…
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Ravie LakshmananApr 21, 2026Network Security / Vulnerability Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that…
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry…
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
Ravie LakshmananApr 21, 2026Network Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known…
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware…
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Ravie LakshmananApr 20, 2026Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote…