The Hacker News

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

ESET links Russia-backed Sandworm to a failed December 2025 cyberattack using DynoWiper malware against Poland’s power and renewable energy systems.
The Hacker News

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia ...
The Hacker News

Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

AI agents break traditional IAM by enabling delegated access, authorization bypass, and high-risk ownerless organizational ...
The Hacker News

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...
The Hacker News

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...
The Hacker News

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

Experts uncovered a new Osiris ransomware strain that used a custom POORTRY driver in a BYOVD attack to disable security tools & steal data in 2025.
The Hacker News

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions ...
The Hacker News

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...