Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply…
Category: TheHackerNews
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini…
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
Ravie LakshmananMar 09, 2026Threat Intelligence / Web Security High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor…
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence…
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean…
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Ravie LakshmananMar 02, 2026Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor…
How to Protect Your SaaS from Bot Attacks with SafeLine WAF
Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great:…
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
Ravie LakshmananMar 02, 2026Cryptography / Browser Security Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against…
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Ravie LakshmananMar 02, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers…
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
Ravie LakshmananMar 03, 2026Malware / Phishing The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities…
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Ravie LakshmananMar 03, 2026Vulnerability / Mobile Security Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices…
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Ravie LakshmananMar 03, 2026Phishing / Malware Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional…