ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a…
Category: TheHackerNews
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
Ravie LakshmananFeb 27, 2026Malware / Linux Security Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent access…
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Ravie LakshmananFeb 27, 2026Network Security / Vulnerability The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as…
Can the Security Platform Finally Deliver for the Mid-Market?
The Hacker NewsMar 09, 2026Endpoint Security / Security Operations Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers.…
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
Ravie LakshmananFeb 27, 2026Financial Crime / Social Engineering The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether…
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to…
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply…
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini…
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
Ravie LakshmananMar 09, 2026Threat Intelligence / Web Security High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor…
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence…
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Ravie LakshmananMar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean…
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Ravie LakshmananMar 02, 2026Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor…