HackerNex

The Hacker News

IFTTT

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Threat hunters have flagged a previously undocumented Brazilian …

ITZ PASINDU -May 08, 2026

IFTTT

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Cybersecurity researchers have disclosed details of a new Linux …

ITZ PASINDU -May 08, 2026

IFTTT

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege esca…

ITZ PASINDU -May 08, 2026

IFTTT

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti is warning that a new security flaw impacting Endpoint Ma…

ITZ PASINDU -May 07, 2026

IFTTT

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Cybersecurity researchers have disclosed details of a new creden…

ITZ PASINDU -May 07, 2026

IFTTT

Day Zero Readiness: The Operational Gaps That Break Incident Response

Having an incident response retainer, or even a pre-approved ext…

ITZ PASINDU -May 07, 2026

IFTTT

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

Cybersecurity researchers have discovered three packages on the …

ITZ PASINDU -May 07, 2026

IFTTT

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in…

ITZ PASINDU -May 06, 2026

IFTTT

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Cybersecurity researchers have exposed a new Mirai-derived botne…

ITZ PASINDU -May 06, 2026

IFTTT

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?

Analysts recently confirmed what identity security teams have qu…

ITZ PASINDU -May 06, 2026

IFTTT

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Cybersecurity researchers have disclosed details of an intrusion…

ITZ PASINDU -May 06, 2026

IFTTT

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Palo Alto Networks has released an advisory warning that a criti…

ITZ PASINDU -May 06, 2026

IFTTT

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The North Korea-aligned state-sponsored hacking group known as S…

ITZ PASINDU -May 05, 2026

IFTTT

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft has disclosed details of a large-scale credential thef…

ITZ PASINDU -May 05, 2026

IFTTT

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

An active phishing campaign has been observed targeting multiple…

ITZ PASINDU -May 04, 2026

IFTTT

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

The China-based cybercrime group known as Silver Fox has been li…

ITZ PASINDU -May 04, 2026

IFTTT

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A previously unknown threat actor has been observed targeting go…

ITZ PASINDU -May 04, 2026

IFTTT

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

A coordinated international operation involving U.S. and Chinese…

ITZ PASINDU -May 03, 2026

IFTTT

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…

ITZ PASINDU -May 03, 2026

IFTTT

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Cybersecurity company Trellix has announced that it suffered a b…

ITZ PASINDU -May 02, 2026

HackerNex

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

Day Zero Readiness: The Operational Gaps That Break Incident Response

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Pentesters: Is AI Coming for Your Role?

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems