From MCPs and Tool Access to Shadow API Key Sprawl
Jan 13, 2026The Hacker NewsArtificial Intelligence / Automation Security AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude…
Category: TheHackerNews
New Advanced Linux VoidLink Malware Targets Cloud and container Environments
Jan 13, 2026Ravie LakshmananThreat Intelligence / Cyber Espionage Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically…
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable…
What Should We Learn From How Attackers Leveraged AI in 2025?
Jan 13, 2026The Hacker NewsThreat Intelligence / Identity Security Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security…
New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
Jan 13, 2026Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain…
CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution
Jan 13, 2026Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw…
n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
Jan 12, 2026Ravie LakshmananVulnerability / Workflow Automation Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as…
GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials
A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user…
Anthropic Launches Claude AI for Healthcare with Secure Health Record Access
Jan 12, 2026Ravie LakshmananArtificial Intelligence / Healthcare Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows…
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service…
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors
Jan 10, 2026Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial,…
Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime
Jan 10, 2026Ravie LakshmananCybercrime / Financial Crime Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of…