⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More Monday hit like a cron job with anger issues.A busted auth path here, a repo-side faceplant there... 2026-6-1 13:59:54 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com 2026 security remote network phishing

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officia... 2026-6-1 11:54:24 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com loader c2 adaptixc2 payload malicious

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools Three years ago, the practical question for an MSP building a cybersecurity practice was which "vC... 2026-6-1 11:30:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com security vciso tier msp growth

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's t... 2026-6-1 09:31:15 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com codex attacker openai sentry aikido

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts Vulnerability / Website Security,Threat actors are attempting to actively exploit a critical secur... 2026-6-1 08:45:29 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com wp security wpgmp wordpress attackers

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices IoT Security / Network SecurityDutch authorities have announced the takedown of a botnet that ensl... 2026-5-31 12:22:12 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com proxies asocks malicious residential ncsc

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation Vulnerability / Network SecurityPalo Alto Networks has warned that a recently disclosed medium-sev... 2026-5-30 06:41:26 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com 2026 security palo alto

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverage... 2026-5-29 18:7:12 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com attacker security injection malicious claude

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit Vulnerability / Artificial IntelligenceAn unknown threat actor has been observed using a large l... 2026-5-29 14:39:56 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com ssh attacker database sysdig marimo

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks Cyber Espionage / Artificial IntelligenceA previously undocumented threat actor dubbed GREYVIBE ha... 2026-5-29 11:31:59 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com legionrelay greyvibe development ukrainian withsecure

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something... 2026-5-29 10:30:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com shadow vibe builders sanctioned sse

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# softwa... 2026-5-29 09:11:25 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com malicious sicoob opensearch vpmdhaj security

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been att... 2026-5-29 05:57:41 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com meeting security download pebbledash remote

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code Vulnerability / Open SourceA critical security vulnerability has been disclosed in Gogs, a popul... 2026-5-28 17:24:44 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com repository rebase attacker gogs security

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer Vulnerability / Endpoint SecurityThreat actors are continuing to exploit a critical, now-patched s... 2026-5-28 15:26:4 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com malicious powershell ems forticlient stealer

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Zero Day / Vulnerability DisclosureMicrosoft has come out strongly in favor of Coordinated Vulne... 2026-5-28 13:53:52 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com 2026 microsoft disclosures security

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody... 2026-5-28 13:33:16 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com phishing security victim 2026 kali365

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enter... 2026-5-28 11:30:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com governance exposure copilot chatgpt

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware Supply Chain Attack / MalwareA new campaign orchestrated by a previously undocumented threat actor... 2026-5-28 07:54:48 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com wiz 0164 jinx payload korean

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users Latin America and Europe become the target of two banking trojan campaigns that are designed to inf... 2026-5-27 16:10:21 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com btmob watchguard grandoreiro phishing analysis