The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
The Hacker News

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.
The Hacker News

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...
The Hacker News

Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

Operation Lightning dismantled SocksEscort proxy botnet exploiting 369,000 IPs in 163 countries, disrupting fraud networks and freezing $3.5M crypto.
The Hacker News

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation

Nine CrackArmor flaws in Linux AppArmor since 2017 enable root escalation and container bypass, putting 12.6M systems at risk.
The Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.
The Hacker News

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Rust-based VENON malware targets 33 Brazilian financial platforms using advanced evasion and overlays, enabling credential theft.
The Hacker News

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

WebKit fix after Coruna exploit kit abused iOS flaws, protecting older iPhones and iPads from memory corruption attacks ...