The Hacker News

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

Android Intrusion Logging stores encrypted forensic logs for 12 months, helping experts investigate spyware attacks on ...
The Hacker News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...
The Hacker News

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems halted new registrations after a major attack involving hundreds of malicious packages, increasing supply chain ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
The Hacker News

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

A new TrickMo Android banking trojan variant uses TON blockchain infrastructure for stealthy command-and-control ...
The Hacker NewsOpinion

Why Agentic AI Is Security's Next Blind Spot

Agentic AI expands enterprise attack surfaces through broad permissions and unreviewed deployments, increasing lateral ...
The Hacker News

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

Instructure paid a ransom after hackers stole 275 million Canvas records, reducing risks of wider extortion and leaks.
The Hacker News

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help

Critical SOC alerts go uninvestigated as static AI triage limits coverage, increasing enterprise breach risks.
The Hacker News

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI launched Daybreak with GPT-5.5-Cyber tools as AI accelerates vulnerability discovery and exploit timelines.
The Hacker News

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Apple released iOS 26.5 with E2EE RCS messaging, enabling secure cross-platform chats between iPhone and Android users.
The Hacker News

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

TeamPCP compromised a Checkmarx Jenkins plugin in 2026, exposing supply chain security gaps and credential risks.
The Hacker News

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...