Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators
Jan 07, 2026The Hacker NewsThreat Detection / Endpoint Security Security teams are still catching malware. The problem is what they’re not catching. More attacks today…
Category: TheHackerNews
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Jan 07, 2026Ravie LakshmananEmail Security / Financial Fraud Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’…
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
Jan 07, 2026Ravie LakshmananNetwork Security / Vulnerability A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in…
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing…
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
Jan 06, 2026Ravie LakshmananIoT Security / Vulnerability The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range…
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Jan 06, 2026Ravie LakshmananVulnerability / Web Security Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure…
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Jan 06, 2026Ravie LakshmananThreat Intelligence / Cloud Security Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity,…
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
Jan 06, 2026Ravie LakshmananMalware / Endpoint Security Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures…
What is Identity Dark Matter?
Jan 06, 2026The Hacker NewsSaaS Security / Enterprise Security The Invisible Half of the Identity Universe Identity used to live in one place – an…
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Jan 06, 2026Ravie LakshmananVulnerability / DevOps A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an…
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
Jan 05, 2026Ravie LakshmananCyber Espionage / Windows Security The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by…
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
Jan 05, 2026Ravie LakshmananIoT Security / Mobile Security The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential…