KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike Vulnerability / Threat IntelligenceA now-patched high-severity security flaw affecting Digital Kno... 2026-5-26 05:19:38 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com viewstate payload security 2026

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos Monday recap. Same mess, new week.A sketchy dev tool got people pwned, old bugs came back from t... 2026-5-25 14:13:27 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com 2026 security microsoft attackers attacker

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks Vulnerability / Web SecurityThreat actors are exploiting a recently disclosed critical security fl... 2026-5-25 12:2:46 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com security malicious payload xlab clickfix

The Alert Firehose Finally Meets Its Match Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy... 2026-5-25 11:30:0 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com ndr agentic network noise detections

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms Endpoint Security / Threat IntelligenceCybersecurity researchers have shed light on a cross-platfo... 2026-5-25 09:32:54 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com remotepe dpapiloader c2 stage

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, a... 2026-5-25 05:59:13 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com github trapdoor malicious developer ssh

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks Software Supply Chain / DevSecOpsGitHub has rolled out new controls for npm to improve the securit... 2026-5-23 16:35:10 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com publishing staged github approve installs

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including... 2026-5-23 16:7:51 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com github malicious payload network php

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software Artificial Intelligence / VulnerabilityAnthropic on Friday disclosed that Project Glasswing has he... 2026-5-23 11:55:35 | 阅读: 71 | 收藏 | The Hacker News - thehackernews.com security software anthropic mythos

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer Supply Chain Attack / MalwareCybersecurity researchers have flagged a fresh software supply chain... 2026-5-23 09:51:13 | 阅读: 38 | 收藏 | The Hacker News - thehackernews.com php payload windows stealer microsoft

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root Vulnerability / Web SecurityA maximum-severity security vulnerability impacting LiteSpeed User-End... 2026-5-23 07:35:13 | 阅读: 53 | 收藏 | The Hacker News - thehackernews.com cpanel litespeed whm security 2026

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV Vulnerability / Website SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) h... 2026-5-23 07:23:48 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com drupal security 2026 exploited injection

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups Authorities in Europe and North America have announced the dismantling of a criminal virtual priv... 2026-5-22 17:35:2 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com offered ransomware 1vpns ukraine network

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware Malware / Artificial IntelligenceThe Belarus-aligned threat actor known as Ghostwriter (aka UAC-00... 2026-5-22 16:20:32 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com oysterblues council bluesky hijacked artificial

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that... 2026-5-22 11:55:24 | 阅读: 40 | 收藏 | The Hacker News - thehackernews.com github polymarket attacker teampcp cloud

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective 1 IntroductionThis article provides a technical analysis of how many Windows kernel mode drivers... 2026-5-22 11:38:12 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com hardware mj pnp adddevice gmlxdfltr

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks Cybercrime / Law EnforcementThe U.S. Department of Justice (DoJ) on Thursday announced the arrest... 2026-5-22 08:50:18 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com kimwolf butler doj aisuru dort

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV Vulnerability / Cyber AttackThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Th... 2026-5-22 05:47:33 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com 2026 apex security attacker

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access Vulnerability / Network SecurityCisco has rolled out updates for a maximum-severity security flaw... 2026-5-22 05:36:18 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com workload security attacker exploited

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor Cyber Espionage / Threat IntelligenceCybersecurity researchers have disclosed details of a new Lin... 2026-5-21 14:17:9 | 阅读: 34 | 收藏 | The Hacker News - thehackernews.com showboat c2 security afghanistan