Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been att... 2026-5-29 05:57:41 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com meeting security download pebbledash remote

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code Vulnerability / Open SourceA critical security vulnerability has been disclosed in Gogs, a popul... 2026-5-28 17:24:44 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com repository rebase attacker gogs security

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer Vulnerability / Endpoint SecurityThreat actors are continuing to exploit a critical, now-patched s... 2026-5-28 15:26:4 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com malicious powershell ems forticlient stealer

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Zero Day / Vulnerability DisclosureMicrosoft has come out strongly in favor of Coordinated Vulne... 2026-5-28 13:53:52 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com 2026 microsoft disclosures security

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody... 2026-5-28 13:33:16 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com phishing security victim 2026 kali365

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enter... 2026-5-28 11:30:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com governance exposure copilot chatgpt

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware Supply Chain Attack / MalwareA new campaign orchestrated by a previously undocumented threat actor... 2026-5-28 07:54:48 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com wiz 0164 jinx payload korean

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users Latin America and Europe become the target of two banking trojan campaigns that are designed to inf... 2026-5-27 16:10:21 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com btmob watchguard grandoreiro phishing analysis

Malicious npm Package Stole Files From Claude AI User Directory via GitHub Threat Intelligence / Supply Chain AttackCybersecurity researchers have discovered a new malicious... 2026-5-27 15:44:29 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com github security ox malicious operational

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Malware / Threat IntelligenceCrowdStrike, in partnership with Google and the Shadowserver Foundati... 2026-5-27 11:48:37 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com glassworm software c2 developer crowdstrike

3 SOC Steps that Shut Down Incident Risks Early Most organizations still picture cyber defense as a fortress problem: build stronger walls, add mor... 2026-5-27 11:45:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com analysis socs operational phishing

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or start... 2026-5-27 11:30:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com security approved shadow evaluation governance

Gitea Vulnerability Exposes Private Container Images without Authentication Vulnerability / Software SecurityCybersecurity researchers have disclosed a security flaw in Gitea... 2026-5-27 10:6:32 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com gitea security deployments noscope germany

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence... 2026-5-27 07:45:52 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com microsoft software malicious defender

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at leas... 2026-5-26 15:48:41 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com security attackers 2026 fmapp muddywater

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar Web Security / Artificial IntelligenceEvery single day, hackers are finding new ways to crash webs... 2026-5-26 11:58:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com security webinar checklist anymore lose

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions Vulnerability / Enterprise SecurityMicrosoft has rolled out updates to fix a remote code execution... 2026-5-26 11:49:53 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com microsoft attacker 2026 exploited 45659

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It mea... 2026-5-26 10:30:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com attacker bombing specops security passwords

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizat... 2026-5-26 09:13:2 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com operational exposure security threats

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC... 2026-5-26 07:13:5 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com minifast nimbus manticore minijunk software