New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Vulnerability / Email SecurityExim has released security updates to address a severe security issu... 2026-5-12 16:44:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com exim bdat security corruption xbow

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Supply Chain Attack / Software SecurityRubyGems, the standard package manager for the Ruby program... 2026-5-12 14:47:0 | 阅读: 7 | 收藏 | The Hacker News - thehackernews.com software rubygems malicious temporarily paused

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Malware / Mobile SecurityCybersecurity researchers have flagged a new version of the TrickMo Andro... 2026-5-12 12:50:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com network trickmo ton proxy

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help Threat Detection / AI SecurityWhy do the Riskiest SOC Alerts Go Unanswered?Security operations te... 2026-5-12 11:58:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com security radiant triage gap webinar

Why Agentic AI Is Security's Next Blind Spot Agentic AI is already running in production environments across many organizations today. It is exe... 2026-5-12 10:30:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com security agents agentic

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages Supply Chain Attack / MalwareTeamPCP, the threat actor behind the recent supply chain attack spree... 2026-5-12 08:50:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com github tanstack pypi malicious squawk

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak Vulnerability / Network SecurityAmerican educational technology company Instructure, the parent co... 2026-5-12 07:37:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com instructure extortion agreement parents

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation Vulnerability / AI SecurityOpenAI has launched Daybreak, a new cybersecurity initiative that bring... 2026-5-12 06:55:0 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com security openai codex gpt daybreak

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android Encryption / Mobile SecurityApple on Monday officially released iOS 26.5 with support for end-to-e... 2026-5-12 05:18:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com rcs e2ee gsma encryption

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack Supply Chain Attack / DevSecOpsCheckmarx has confirmed that a modified version of the Jenkins AST... 2026-5-11 18:30:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com checkmarx teampcp jenkins github repository

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor Vulnerability / RansomwareA threat actor named Mr_Rot13 has been attributed to the exploitation of... 2026-5-11 17:54:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com xlab cpanel remote rot13 php

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that... 2026-5-11 15:45:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com gemini malicious promptspy llm gtig

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More Rough Monday.Somebody poisoned a trusted download again, somebody else turned cloud servers into... 2026-5-11 12:36:0 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com 2026 security malicious attackers clickfix

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a... 2026-5-11 11:30:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com purple teaming autonomous attacker security

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads Supply Chain Attack / Threat IntelligenceA malicious Hugging Face repository managed to take a spo... 2026-5-11 07:5:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com windows anthfu malicious repository powershell

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if succe... 2026-5-10 12:41:0 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com ollama windows attacker gguf memory

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now Vulnerability / Web HostingcPanel has released updates to address three vulnerabilities in cPanel... 2026-5-9 07:16:0 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com cpanel 2026 exploited

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER tha... 2026-5-8 18:12:0 | 阅读: 39 | 收藏 | The Hacker News - thehackernews.com trojan brazilian tclbanker windows microsoft

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads Android / Mobile SecurityCybersecurity researchers have discovered fraudulent apps on the official... 2026-5-8 15:8:0 | 阅读: 57 | 收藏 | The Hacker News - thehackernews.com callhistory ib eset brands histories

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers'... 2026-5-8 11:0:0 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com qlnx c2 processes network