The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open
The Hacker NewsMay 06, 2026Security Leadership / Industry Recognition For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace…
Category: TheHackerNews
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has…
Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks
Ravie LakshmananMay 06, 2026Android / Data Security Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain…
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Ravie LakshmananMay 05, 2026Network Security / Endpoint Security A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in…
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
Ravie LakshmananMay 05, 2026Endpoint Security / Software Security A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a…
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server,…
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with…
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
Ravie LakshmananMay 05, 2026Cyber Espionage / Surveillance The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply…
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Ravie LakshmananMay 04, 2026Malware / Network Security The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in…
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Ravie LakshmananMay 04, 2026Vulnerability / Enterprise Software Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that…
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
Ravie LakshmananMay 04, 2026Network Security / Endpoint Security An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate…
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract…