Malicious npm Package Stole Files From Claude AI User Directory via GitHub Threat Intelligence / Supply Chain AttackCybersecurity researchers have discovered a new malicious... 2026-5-27 15:44:29 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com github security ox malicious operational

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Malware / Threat IntelligenceCrowdStrike, in partnership with Google and the Shadowserver Foundati... 2026-5-27 11:48:37 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com glassworm software c2 developer crowdstrike

3 SOC Steps that Shut Down Incident Risks Early Most organizations still picture cyber defense as a fortress problem: build stronger walls, add mor... 2026-5-27 11:45:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com analysis socs operational phishing

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or start... 2026-5-27 11:30:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com security approved shadow evaluation governance

Gitea Vulnerability Exposes Private Container Images without Authentication Vulnerability / Software SecurityCybersecurity researchers have disclosed a security flaw in Gitea... 2026-5-27 10:6:32 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com gitea security deployments noscope germany

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence... 2026-5-27 07:45:52 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com microsoft software malicious defender

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at leas... 2026-5-26 15:48:41 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com security attackers 2026 fmapp muddywater

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar Web Security / Artificial IntelligenceEvery single day, hackers are finding new ways to crash webs... 2026-5-26 11:58:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com security webinar checklist anymore lose

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions Vulnerability / Enterprise SecurityMicrosoft has rolled out updates to fix a remote code execution... 2026-5-26 11:49:53 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com microsoft attacker 2026 exploited 45659

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It mea... 2026-5-26 10:30:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com attacker bombing specops security passwords

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizat... 2026-5-26 09:13:2 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com operational exposure security threats

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC... 2026-5-26 07:13:5 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com minifast nimbus manticore minijunk software

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike Vulnerability / Threat IntelligenceA now-patched high-severity security flaw affecting Digital Kno... 2026-5-26 05:19:38 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com viewstate payload security 2026

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos Monday recap. Same mess, new week.A sketchy dev tool got people pwned, old bugs came back from t... 2026-5-25 14:13:27 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com 2026 security microsoft attackers attacker

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks Vulnerability / Web SecurityThreat actors are exploiting a recently disclosed critical security fl... 2026-5-25 12:2:46 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com security malicious payload xlab clickfix

The Alert Firehose Finally Meets Its Match Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy... 2026-5-25 11:30:0 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com ndr agentic network noise detections

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms Endpoint Security / Threat IntelligenceCybersecurity researchers have shed light on a cross-platfo... 2026-5-25 09:32:54 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com remotepe dpapiloader c2 stage

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, a... 2026-5-25 05:59:13 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com github trapdoor malicious developer ssh

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks Software Supply Chain / DevSecOpsGitHub has rolled out new controls for npm to improve the securit... 2026-5-23 16:35:10 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com publishing staged github approve installs

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including... 2026-5-23 16:7:51 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com github malicious payload network php