China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia…
Category: TheHackerNews
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
The Hacker NewsFeb 04, 2026Identity Security / Security Operations An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge:…
How Early Decisions Shape Incident Response Investigations
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when…
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Ravie LakshmananFeb 04, 2026Malvertising / Infostealer Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform…
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Ravie LakshmananFeb 04, 2026Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web…
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
Ravie LakshmananFeb 04, 2026Supply Chain Security / Secure Coding The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks…
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
Ravie LakshmananFeb 03, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant…
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular…
Learn What to Build, Buy, and Automate
The Hacker NewsFeb 03, 2026Threat Detection / Enterprise Security Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough…
When Cloud Outages Ripple Across the Internet
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of…
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
Ravie LakshmananFeb 03, 2026Vulnerability / Malware The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed…
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Ravie LakshmananFeb 03, 2026Artificial Intelligence / Privacy Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to…