The Hacker News

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
The Hacker News

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent ...
SecurityWeek

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million ...
Coingape

CRCL Stock Price Falls as Investors Sue Circle Over $280M Drift Protocol Hack

CRCL stock price slumps as investors filed class action lawsuit against Circle over failing to freeze USDC in $280M Drift ...
Korea JoongAng Daily

Pyongyang-backed hackers tap video calls as malware attacks target more than crypto, report warns

North Korean hackers are using fake video calls to steal far more than cryptocurrency, according to a cybersecurity report ...

Hack Alert Issued Over Security Weakness in Software Used by Pakistani Firms

The government has issued an advisory regarding a critical vulnerability in Fortinet’s FortiClient EMS, which is affecting ...

Crypto Whale Moves $225 Million USDC Before Pulling $77.52 Million Ethereum

A crypto whale tracked as 0xeCE7 shifted $225 million in USDC onto Binance, Bybit, and Deribit and then pulled 32,007 ...

How a Hacker Used Claude and ChatGPT to Breach Multiple Government Agencies?

Discover how a hacker exploited Claude and ChatGPT to breach government agencies. Learn about the AI-driven tactics used to ...
SecurityWeek

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool.

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...

Explained: What is Pegasus spyware that CIA used to hack into phones of Iranian leadership

The CIA reportedly used Israeli-made Pegasus spyware to deceive Iran during a mission to rescue a downed US airman. The ...