@TheHackersNews The Hacker News
Multiple high-profile hacking incidents and vulnerabilities have been recently reported. North Korean hackers are using fake job interviews to spread malware, while Chinese hackers are targeting governments and defense contractors using various backdoors and exploits. Additionally, critical flaws have been discovered in various software, including Cisco VPN gear, SolarWinds Web Help Desk, and Supermicro BMC, which could allow attackers to gain unauthorized access.
Engagements: [-------] #
- [--] Week [---------] -21%
- [--] Month [---------] +41%
- [--] Months [----------] +101%
- [--] Year [----------] +32%
Mentions: [---] #
- [--] Week [---] -6.60%
- [--] Month [---] +34%
- [--] Months [-----] +30%
- [--] Year [-----] +38%
Followers: [---------] #
- [--] Week [---------] +1.20%
- [--] Month [---------] +6.10%
- [--] Months [---------] +9%
- [--] Year [---------] +9.90%
CreatorRank: [------] #
Social Influence
Social category influence technology brands 28.83% stocks #1698 countries 11.26% social networks 5.41% finance 2.25% cryptocurrencies 1.8%
Social topic influence ai #4141, $googl #337, microsoft #47, systems #981, code 5.86%, crypto #539, execution #33, tools #3268, phishing #21, cloud #251
Top accounts mentioned or mentioned by @jackgoesvirtual @securedotcom @intelligencer41 @kindnessuae @ababino @grok @huntresslabs @bitdefender @talossecurity @transcrypts_ @sanarsh11 @dcicybersecnews @activestates @orchidsecurity @zastai @semgrep @googlecloud @praetorianlabs @stvemillertime @reversinglabs
Top assets mentioned Alphabet Inc Class A (GOOGL) Microsoft Corp. (MSFT) SolarWinds Corporation Common Stock (SWI) Solana (SOL)
Top Social Posts
Top posts by engagements in the last [--] hours
"SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits Researchers uncover SSHStalker an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access"
X Link 2026-02-11T09:59Z 1M followers, 54.3K engagements
"ThreatsDay Bulletin: AI Prompt RCE Claude 0-Click RenEngine Loader Auto 0-Days & 25+ Stories This weeks cybersecurity roundup covering emerging attacks malware trends infrastructure abuse and evolving intrusion activity"
X Link 2026-02-12T11:52Z 1M followers, 72K engagements
"Microsoft Patches [--] Vulnerabilities Including Six Actively Exploited Zero-Days Microsoft patches [--] vulnerabilities including six actively exploited zero-days with CISA mandating urgent federal remediation"
X Link 2026-02-11T10:28Z 1M followers, 13.7K engagements
"Malicious Chrome Extensions Caught Stealing Business Data Emails and Browsing History Malicious Chrome Extensions Caught Stealing Business Data Emails and Browsing History Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities"
X Link 2026-02-13T11:27Z 1M followers, 32.2K engagements
"Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited"
X Link 2026-02-10T04:39Z 1M followers, 41.5K engagements
"83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure 83% of Ivanti EPMM exploits traced to one IP as automated scans target governments and enterprises"
X Link 2026-02-12T07:36Z 1M followers, 13.7K engagements
"Google Links China Iran Russia North Korea to Coordinated Defense Sector Cyber Operations State-backed hackers from China Russia Iran and North Korea target defense contractors using espionage malware hiring scams and edge exploits"
X Link 2026-02-13T16:25Z 1M followers, 14.6K engagements
"Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent Quick Share flaw CVE-2024-10668 bypasses earlier fixes enabling DoS or unauthorized file delivery"
X Link 2025-04-03T08:21Z 1M followers, 24.1K engagements
"Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse"
X Link 2026-01-23T12:31Z 1M followers, 20.9K engagements
"ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security ZAST.AI raised $6M after uncovering hundreds of zero-days and [---] CVEs using AI-generated PoC validation"
X Link 2026-02-10T12:31Z 1M followers, [----] engagements
"SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass SolarWinds fixed six Web Help Desk vulnerabilities including four critical flaws that allow unauthenticated remote code execution"
X Link 2026-01-29T09:01Z 1M followers, 12.4K engagements
"China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain hypervisor control"
X Link 2026-01-09T17:44Z 1M followers, 15.4K engagements
"Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos Microsoft confirms a 3-phase strategy to deprecate NTLM improve auditing prioritize Kerberos and disable NTLM by default in future Windows releases"
X Link 2026-02-02T16:06Z 1M followers, 14.2K engagements
"Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP Critical Apache HugeGraph vulnerability exploited in the wild. Urgent update required to prevent remote code execution attacks. Patch now available"
X Link 2026-02-06T22:05Z 1M followers, [--] engagements
"Webinar The Smarter SOC Blueprint: Learn What to Build Buy and Automate Live webinar explains how modern SOCs decide what to build buy or automate to reduce tool sprawl and improve outcomes"
X Link 2026-02-03T14:56Z 1M followers, 11.2K engagements
"SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS [---] Score SmarterTools fixed critical SmarterMail flaws including CVSS [---] unauthenticated RCE and NTLM relay bugs urging users to update immediately"
X Link 2026-01-30T07:11Z 1M followers, 15.8K engagements
"Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access Experts uncovered malicious Chrome extensions that replace affiliate links exfiltrate data and steal ChatGPT authentication tokens from users"
X Link 2026-01-30T13:47Z 1M followers, 22.9K engagements
"Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run arbitrary code"
X Link 2026-01-28T12:44Z 1M followers, 18.3K engagements
"Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions Cybercriminals exploit Grok to bypass X ad protections spreading malware via hidden links amplified to millions"
X Link 2025-08-16T05:35Z 1M followers, 38.4K engagements
"Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware giving attackers persistent remote access to developer syst"
X Link 2026-01-28T17:48Z 1M followers, 17.8K engagements
"Ex-Google Engineer Convicted for Stealing [----] AI Trade Secrets for China Startup A U.S. jury convicted a former Google engineer of stealing over [----] AI trade secret documents to benefit China-linked companies DOJ says"
X Link 2026-01-30T07:39Z 1M followers, 26.3K engagements
"Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers Python infostealers are spreading from Windows to macOS via Google Ads ClickFix lures and fake installers to steal credentials and financial data"
X Link 2026-02-04T07:44Z 1M followers, [----] engagements
"ThreatsDay Bulletin: Codespaces RCE AsyncRAT C2 BYOVD Abuse AI Cloud Intrusions & 15+ Stories ThreatsDay Bulletin: Key cyber updates on ransomware cloud intrusions phishing botnets supply-chain risks and nation-state threat activity"
X Link 2026-02-05T13:05Z 1M followers, 63K engagements
"A Cybercrime Merger Like No Other — Scattered Spider LAPSUS$ and ShinyHunters Join Forces Scattered Spider LAPSUS$ and ShinyHunters unite as Scattered LAPSUS$ Hunters reshaping cybercrime with Telegram extortion"
X Link 2025-11-04T17:25Z 1M followers, 101.5K engagements
"Kimwolf Android Botnet Infects Over [--] Million Devices via Exposed ADB and Proxy Networks Kimwolf is an Android botnet that infected 2M+ devices via exposed ADB using proxy networks to run DDoS attacks and sell residential bandwidth"
X Link 2026-01-05T16:46Z 1M followers, 14.8K engagements
"Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution A critical vm2 Node.js vulnerability (CVE-2026-22709 CVSS 9.8) allows sandbox escape via Promise handler bypass"
X Link 2026-01-28T14:07Z 1M followers, 11.9K engagements
"Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps Study of 100+ energy OT sites reveals unpatched devices flat networks and hidden assets with critical issues detected within minutes"
X Link 2026-01-29T15:58Z 1M followers, [----] engagements
"DarkSpectre Browser Extension Campaigns Exposed After Impacting [---] Million Users Worldwide A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from Chrome Edge and Firefox"
X Link 2025-12-31T16:19Z 1M followers, 17.7K engagements
"New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems Critical OpenSSH vulnerability allows remote code execution on Linux systems. Patch now to protect against potential attacks on millions of exposed se"
X Link 2024-07-02T05:32Z 1M followers, [----] engagements
"China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking Malware Delivery China-linked DKnife framework uses router-level AitM implants for traffic hijacking credential theft and malware delivery targeting edge devices"
X Link 2026-02-06T14:57Z 1M followers, [----] engagements
"Trend Micro Apex Central RCE Flaw Scores [---] CVSS in On-Prem Windows Versions Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS [---] that allows remote code execution if access exists"
X Link 2026-01-09T10:01Z 1M followers, 14.7K engagements
"Bloody Wolf Targets Uzbekistan Russia Using NetSupport RAT in Spear-Phishing Campaign Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia hitting 60+ victims and multiple sectors"
X Link 2026-02-09T10:58Z 1M followers, 12K engagements
"From Ransomware to Residency: Inside the Rise of the Digital Parasite Ransomware declines as stealth credential theft and persistence dominate modern cyberattacks Picus Red Report [----] finds"
X Link 2026-02-10T14:02Z 1M followers, [----] engagements
"Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server Warlock ransomware breached SmarterTools via unpatched SmarterMail exploiting critical flaws to access Windows systems and deploy encryption payloads"
X Link 2026-02-10T11:30Z 1M followers, [--] engagements
"⚡ Weekly Recap: AI Skill Malware 31Tbps DDoS Notepad++ Hack LLM Backdoors and More This weeks cyber recap covers AI risks supply-chain attacks major breaches DDoS spikes and critical vulnerabilities security teams must track"
X Link 2026-02-09T13:55Z 1M followers, [--] engagements
"Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files activating malware on import in version 1.2.0"
X Link 2026-01-28T10:01Z 1M followers, [----] engagements
"ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts Second-order prompt injection exploits ServiceNow agent discovery enabling unauthorized actions unless configurations and monitoring are tightened"
X Link 2025-12-21T13:30Z 1M followers, 16.8K engagements
"Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw CVE-2026-24858 now listed by CISA in KEV"
X Link 2026-01-28T04:53Z 1M followers, 16K engagements
"DeepSeek AI Database Exposed: Over [--] Million Log Lines Secret Keys Leaked DeepSeek AI exposed a database containing secret keys chat logs and backend data allowing full system access"
X Link 2025-01-30T10:09Z 1M followers, 27.9K engagements
"Rogue NuGet Package Poses as Tracer.Fody Steals Cryptocurrency Wallet Data A fake NuGet package mimicking Tracer.Fody stayed online for years stealing Stratis wallet files and passwords from Windows systems"
X Link 2025-12-16T15:43Z 1M followers, 10.8K engagements
"Researchers Find [------] Publicly Exposed Ollama AI Servers Across [---] Countries Over [------] publicly exposed Ollama AI servers across [---] countries with many enabling tool calling that allows code execution and LLMjacking abuse"
X Link 2026-01-29T18:39Z 1M followers, 15.6K engagements
"Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi Zero-click AirPlay vulnerabilities exposed in March [----] could let malware spread across networks undetected"
X Link 2025-05-05T17:07Z 1M followers, 38.2K engagements
"Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox Mozilla will release Firefox [---] with a new settings toggle that lets users completely turn off all current and future generative AI features"
X Link 2026-02-03T05:42Z 1M followers, [----] engagements
"How Samsung Knox Helps Stop Your Network Security Breach Discover how Samsung Knox enhances mobile network security with granular controls Zero Trust principles & seamless integration for a safer enterprise"
X Link 2026-02-06T10:43Z 1M followers, [----] engagements
"Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4.50.0"
X Link 2026-02-03T16:44Z 1M followers, 10.5K engagements
"Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App North Korean group Kimsuky uses QR code phishing sites posing as CJ Logistics to spread DocSwap Android malware with RAT capabilities"
X Link 2025-12-18T07:45Z 1M followers, [----] engagements
"Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group Rapid7 links China-linked Lotus Blossom to a [----] Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates fixed in v8.8.9"
X Link 2026-02-03T04:58Z 1M followers, 140.9K engagements
"Researchers Null-Route Over [---] Kimwolf and Aisuru Botnet Command Servers The Kimwolf botnet compromised more than [--] million Android devices turning them into residential proxies for DDoS attacks and traffic abuse"
X Link 2026-01-14T19:12Z 1M followers, [----] engagements
"Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia RAT and ransomware"
X Link 2026-01-24T11:09Z 1M followers, 15.9K engagements
"New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector ESET links Russia-backed Sandworm to a failed December [----] cyberattack using DynoWiper malware against Polands power and renewable energy systems"
X Link 2026-01-24T08:24Z 1M followers, 18.4K engagements
"SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers Microsoft links SolarWinds WHD exploits to RCE lateral movement and domain compromise in multi-stage attacks"
X Link 2026-02-09T15:11Z 1M followers, [---] engagements
"Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain development environments"
X Link 2026-01-26T08:56Z 1M followers, 62.5K engagements
"CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms Poland linked December [----] cyber attacks on energy and manufacturing sites to Static Tundra involving DynoWiper and FortiGate exploits"
X Link 2026-01-31T07:11Z 1M followers, 23K engagements
"40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials Over [--] npm packages trojanized to steal GitHub and cloud credentials via bundle.js malware"
X Link 2025-09-16T05:02Z 1M followers, 280.5K engagements
"Asian State-Backed Group TGR-STA-1030 Breaches [--] Government Infrastructure Entities Asian state-linked hackers breached [--] entities used phishing N-day exploits and rootkits for global espionage"
X Link 2026-02-06T12:08Z 1M followers, 17.5K engagements
"Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44 Wiz found a critical Base44 flaw letting attackers access private apps via public app_id. Fixed by Wix"
X Link 2025-07-29T15:39Z 1M followers, 12.5K engagements
"Google to Shut Down Dark Web Monitoring Tool in February [----] Google will shut down its Dark Web Report in February [----] ending breach scans and deleting user data to refocus on actionable security tools"
X Link 2025-12-16T06:06Z 1M followers, 14.3K engagements
"Exposed Training Open the Door for Crypto-Mining in Fortune [---] Cloud Environments Exposed training apps in cloud environments enable exploitation lateral movement and crypto-mining activity across enterprise infrastructure"
X Link 2026-02-11T11:37Z 1M followers, [---] engagements
"Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments Hackers exploit NFC technology and mobile payments enabling global fraud through Google Pay and Apple Pay"
X Link 2024-11-20T13:09Z 1M followers, 28.7K engagements
"DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files using fileless memory injection and obfuscated scripts to evade detection"
X Link 2026-02-04T17:27Z 1M followers, 10.9K engagements
"Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat A new PHALT#BLYX campaign targets European hotels using fake Booking.com emails ClickFix lures PowerShell and MSBuild to deploy DCRat malware"
X Link 2026-01-06T17:29Z 1M followers, 28.1K engagements
"AI Agents Are Becoming Privilege Escalation Paths Enterprise AI agents boost automation but often run with broad permissions allowing actions beyond user access and weakening IAM controls"
X Link 2026-01-14T16:07Z 1M followers, [----] engagements
"How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring Sandbox-first investigations and automated triage cut MTTR reduce burnout and triple SOC output without extra hiring"
X Link 2026-02-09T12:29Z 1M followers, [----] engagements
"Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic Microsofts Whisper Leak shows encrypted AI chats can secretly reveal user topics through subtle traffic patterns"
X Link 2025-11-08T14:31Z 1M followers, 102.8K engagements
"The First [--] Seconds: How Early Decisions Shape Incident Response Investigations Early incident response decisionsevidence preservation execution analysis and logging visibilitydetermine investigation success"
X Link 2026-02-04T12:00Z 1M followers, [--] engagements
"⚡ Weekly Recap: Proxy Botnet Office Zero-Day MongoDB Ransoms AI Hijacks & New Threats This weeks cybersecurity recap highlights key attacks zero-days and patches to keep you informed and secure"
X Link 2026-02-02T13:22Z 1M followers, 10.2K engagements
"Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data Ivanti EPMM zero-day flaws enabled cyberattacks on Dutch EU and Finnish government systems exposing employee contact and device data"
X Link 2026-02-10T08:26Z 1M followers, 10.1K engagements
"Who Approved This Agent Rethinking Access Accountability and Risk in the Age of AI Agents AI agents break traditional IAM by enabling delegated access authorization bypass and high-risk ownerless organizational automation"
X Link 2026-01-24T09:00Z 1M followers, 11.5K engagements
"Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends Infy hackers revived operations post-Iran blackout deploying Tornado malware Telegram C2 and WinRAR exploits"
X Link 2026-02-05T10:29Z 1M followers, [----] engagements
"Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks China-linked Mustang Panda used updated COOLCLIENT malware in [----] espionage to steal data from government and telecom targets across Asia and Russia"
X Link 2026-01-28T12:22Z 1M followers, [----] engagements
"North Korealinked Kimsuky has been tied to a new Android malware campaign. The group is spreading a fresh DocSwap variant through QR codes on fake CJ Logistics sites. Once installed the app deploys a full RAT with access to messages calls files audio and camera. π Read analysis here https://thehackernews.com/2025/12/kimsuky-spreads-docswap-android-malware.html https://thehackernews.com/2025/12/kimsuky-spreads-docswap-android-malware.html"
X Link 2025-12-18T07:45Z 1M followers, [----] engagements
"π¨ Trend Micro patched a critical flaw in on-prem Apex Central for Windows that can lead to SYSTEM-level code execution. CVE-2025-69258 (CVSS 9.8) allows a remote unauthenticated attacker with endpoint access to load a malicious DLL via MsgReceiver.exe. On-prem builds below [----] are affected. π Details https://thehackernews.com/2026/01/trend-micro-apex-central-rce-flaw.html https://thehackernews.com/2026/01/trend-micro-apex-central-rce-flaw.html"
X Link 2026-01-09T10:01Z 1M followers, 12.3K engagements
"π¨ Uncharted: The AI Safety & Security Summit hosted by Fuel iX. Hidden vulnerabilities and compliance challenges are emerging faster than ever. Access [--] expert-led sessions and a comprehensive report revealing risks in [--] generative AI models. π Uncover hidden dangers in frontier AI models β Learn legal frameworks balancing innovation with responsibility π‘ Get proactive defense strategies from top CISOs π Receive a detailed report on vulnerabilities and actionable strategies Access it now on-demand: https://thn.news/ai-summit-insights https://thn.news/ai-summit-insights"
X Link 2026-01-20T13:06Z 1M followers, 43.1K engagements
"π¨ Fortinet confirms active exploitation of CVE-2025-59718 / [-----] allowing FortiGate FortiCloud SSO bypass even on fully patched devices. Attackers abuse crafted SAML logins to gain admin access add persistent accounts enable VPN and steal configs. Disabling FortiCloud SSO is advised. π Details https://thehackernews.com/2026/01/fortinet-confirms-active-forticloud-sso.html https://thehackernews.com/2026/01/fortinet-confirms-active-forticloud-sso.html"
X Link 2026-01-23T12:31Z 1M followers, 17.5K engagements
"π A WinRAR bug fixed in July [----] is still being exploited. Researchers at Google ties CVE-2025-8088 to Russia- and China-linked actors plus cybercrime groups deploying RATs and stealers showing how quickly n-days get reused. π Read https://thehackernews.com/2026/01/google-warns-of-active-exploitation-of.html https://thehackernews.com/2026/01/google-warns-of-active-exploitation-of.html"
X Link 2026-01-28T09:48Z 1M followers, [----] engagements
"π Malicious PyPI spellchecker packages shipped a Python RAT. The payload was hidden in a dictionary file stayed dormant then executed after an update. spellcheckpy v1.2.0 activated it turning a simple import into remote access. π Read https://thehackernews.com/2026/01/fake-python-spellchecker-packages-on.html https://thehackernews.com/2026/01/fake-python-spellchecker-packages-on.html"
X Link 2026-01-28T10:01Z 1M followers, [----] engagements
"π¨ A critical flaw in the vm2 Node.js library lets attackers escape the sandbox and run code on the host system. Tracked as CVE-2026-22709 (CVSS 9.8) the issue stems from improper Promise handler sanitization. π How the flaw works https://thehackernews.com/2026/01/critical-vm2-nodejs-flaw-allows-sandbox.html https://thehackernews.com/2026/01/critical-vm2-nodejs-flaw-allows-sandbox.html"
X Link 2026-01-28T14:07Z 1M followers, [----] engagements
"π Chrome extensions are being abused at scale. Researchers uncovered tools that hijack affiliate links scrape shopping data steal ChatGPT login tokens and even deliver phishing pageswhile passing official store reviews. π Learn more about the affiliate fraud AI token theft and the browser as attack surface https://thehackernews.com/2026/01/researchers-uncover-chrome-extensions.html https://thehackernews.com/2026/01/researchers-uncover-chrome-extensions.html"
X Link 2026-01-30T13:47Z 1M followers, 20.7K engagements
"β Poland confirms coordinated cyber attacks on 30+ renewable energy sites and a major CHP plant. CERT Polska says the campaign was destructive using wiper malware but failed to disrupt power or heat supply. Access came via vulnerable Fortinet devices. π Read https://thehackernews.com/2026/01/poland-attributes-december-cyber.html https://thehackernews.com/2026/01/poland-attributes-december-cyber.html"
X Link 2026-01-31T07:11Z 1M followers, 20.8K engagements
"β‘ Microsoft will phase out NTLM in Windows through a three-step plan. Deprecated in June [----] NTLM remains widely used despite known security flaws. NTLM will be disabled by default in a future Windows release with Kerberos becoming the standard. π dtails https://thehackernews.com/2026/02/microsoft-begins-ntlm-phase-out-with.html https://thehackernews.com/2026/02/microsoft-begins-ntlm-phase-out-with.html"
X Link 2026-02-02T16:06Z 1M followers, 14.2K engagements
"π₯ A high-severity RCE flaw in OpenClaw lets attackers take over the local agent with a single click. A crafted link can steal a gateway token via unvalidated WebSocket origins enabling full command execution even on localhost-only setups through the users browser. π Details and attack chain https://thehackernews.com/2026/02/openclaw-bug-enables-one-click-remote.html https://thehackernews.com/2026/02/openclaw-bug-enables-one-click-remote.html"
X Link 2026-02-02T16:35Z 1M followers, 29.9K engagements
"β‘π€ Researchers find [---] malicious ClawHub skills targeting OpenClaw users via fake install steps. The skills deploy Atomic Stealer on macOS and keylogging malware on Windows abusing OpenClaws open marketplace model. π Read https://thehackernews.com/2026/02/researchers-find-341-malicious-clawhub.html https://thehackernews.com/2026/02/researchers-find-341-malicious-clawhub.html"
X Link 2026-02-02T17:52Z 1M followers, 23.9K engagements
"π€ Mozilla will add 1-click Firefox setting to fully disable generative AI features. With Firefox [---] users can block all current and future AI features or manage them individually keeping AI strictly opt-in as browsers add more automation. π Read https://thehackernews.com/2026/02/mozilla-adds-one-click-option-to.html https://thehackernews.com/2026/02/mozilla-adds-one-click-option-to.html"
X Link 2026-02-03T05:42Z 1M followers, [----] engagements
"πΈ Exposed C2 server showed a complete BYOB botnet in the open π§ Droppers loaders and RATs for Windows Linux and macOS were publicly accessible revealing a multi-stage chain for evasion persistence and control. Crypto miners were also hosted. π Read https://thehackernews.com/2026/02/weekly-recap-proxy-botnet-office-zero.html#::text=Exposed%20C2%20Server%20Reveals%20BYOB%20Infrastructure https://thehackernews.com/2026/02/weekly-recap-proxy-botnet-office-zero.html#::text=Exposed%20C2%20Server%20Reveals%20BYOB%20Infrastructure"
X Link 2026-02-03T07:24Z 1M followers, [----] engagements
"π‘ Russia-linked APT28 exploited a newly disclosed Microsoft Office flaw within days of disclosure. CVE-2026-21509 was used via malicious RTF files with geo-fenced delivery targeting Ukraine Slovakia and Romania. π Read https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html"
X Link 2026-02-03T09:13Z 1M followers, [----] engagements
"π’ WEBINAR ALERT Adding tools hasnt made SOCs calmer or faster. Its mostly added noise. In this session two SOC operators walk through practical build vs buy decisions real models and a customer case study you can reuse. π Join to Watch: https://thehackernews.com/2026/02/webinar-smarter-soc-blueprint-learn.html https://thehackernews.com/2026/02/webinar-smarter-soc-blueprint-learn.html"
X Link 2026-02-03T14:56Z 1M followers, 10.8K engagements
"π Microsoft warns infostealers are expanding from Windows to macOS. Since late [----] malvertising (Google Ads) and ClickFix lures have delivered fake DMG installers. Python-based stealers abuse native macOS tools + AppleScript to extract creds cookies and iCloud Keychain data. π Attack chain and theft capabilities https://thehackernews.com/2026/02/microsoft-warns-python-infostealers.html https://thehackernews.com/2026/02/microsoft-warns-python-infostealers.html"
X Link 2026-02-04T07:44Z 1M followers, [----] engagements
"π¨We tested [--] leading GenAI models for security vulnerabilities. All [--] failed. Attack success rates ranged from 1.13% to 64.13%. Every model demonstrated exploitable flaws that could turn AI systems into attack vectors. Key findings: - [--] frontier models tested - Hundreds of vulnerabilities found - 100% failure rate - Up to 64% attack success As GenAI transforms industries these results reveal a critical safety & security gap. Traditional security methods can't address the probabilistic nature of AI systems. Our report includes: β
Security profiles of all [--] models β
Analysis of the AI"
X Link 2026-02-04T13:23Z 1M followers, [----] engagements
"Threat actors are delivering AsyncRAT via IPFS-hosted VHD files in DEAD#VAX. Phishing emails mount fake PDF drives that run obfuscated scripts and in-memory shellcode inside trusted Windows processesminimal disk trace. π§ Fileless π° IPFS πͺ Process injection πRead https://thehackernews.com/2026/02/deadvax-malware-campaign-deploys.html https://thehackernews.com/2026/02/deadvax-malware-campaign-deploys.html"
X Link 2026-02-04T17:27Z 1M followers, [----] engagements
"β Attackers are hijacking live web traffic by weaponizing NGINX configs linked to React2Shell exploitation. Rogue proxy rules silently reroute user sessions through attacker infrastructureimpacting π gov πedu and Asian π TLD sites. π Details https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html"
X Link 2026-02-05T04:58Z 1M followers, [----] engagements
"β Critical RCE flaw in n8n (CVE-2026-25049 CVSS 9.4) lets authenticated users execute system commands via crafted workflow expressions. Public webhooks exposed remote trigger credential theft server takeover. π Exploit path affected versions patch details https://thehackernews.com/2026/02/critical-n8n-flaw-cve-2026-25049.html https://thehackernews.com/2026/02/critical-n8n-flaw-cve-2026-25049.html"
X Link 2026-02-05T06:23Z 1M followers, 12.9K engagements
"Passwords are sliding into legacy status. Passkeys AI governance and verifiable credentials are scaling as identity shifts to real-time trust per Rex Booth SailPoint. π [--] predictions reshaping identity security https://thehackernews.com/expert-insights/2026/02/9-identity-security-predictions-for-2026.html https://thehackernews.com/expert-insights/2026/02/9-identity-security-predictions-for-2026.html"
X Link 2026-02-05T07:59Z 1M followers, [----] engagements
"π» Iran-linked APT Infy paused C2 ops during Irans Jan internet blackout then rebuilt infrastructure as access returned. Timing ties activity to state network controls. Latest malware uses Telegram + HTTP for dual-channel C2. π Timeline tooling evolution infra rebuild https://thehackernews.com/2026/02/infy-hackers-resume-operations-with-new.html https://thehackernews.com/2026/02/infy-hackers-resume-operations-with-new.html"
X Link 2026-02-05T10:29Z 1M followers, [----] engagements
"π¦β Is your container adoption outpacing your security maturity Youre not alone. @ActiveState's [----] State of Vulnerability Management & Remediation Report found 82% of DevSecOps leaders experienced a container-related breach last year and 87% expect one in [----]. Learn how to close the remediation gap and the role AI will play in securing your stack by [----]. π₯ Download the report https://thn.news/container-sec-guide https://thn.news/container-sec-guide"
X Link 2026-02-05T12:46Z 1M followers, [----] engagements
"π¨ ThreatsDay Bulletin is live. Watch out for dozens of critical signals showing where attacks are heading next. Codespaces RCE AI cloud intrusion AsyncRAT C2 BYOVD abuse .and 15+ more stories. All updates in one place https://thehackernews.com/2026/02/threatsday-bulletin-codespaces-rce.html https://thehackernews.com/2026/02/threatsday-bulletin-codespaces-rce.html"
X Link 2026-02-05T13:05Z 1M followers, 58.1K engagements
"π Infra & Ops SystemBC botnet DDoSia ops Crypto drainers ClickFix framework ErrTraffic TDS Botnet proxy layers Infra key reuse VPS hosting clusters"
X Link 2026-02-05T13:05Z 1M followers, [----] engagements
"π° Threat Actors & Campaigns Lazarus Nordics Typhoon overlap APT36 startups ShadowSyndicate infra Ransomware CVE surge Crimson RAT lures Crypto scam affiliates Strategic DDoS arrests Entire bulletin here https://thehackernews.com/2026/02/threatsday-bulletin-codespaces-rce.html https://thehackernews.com/2026/02/threatsday-bulletin-codespaces-rce.html"
X Link 2026-02-05T13:05Z 1M followers, [----] engagements
"AI is foundational for security teams but operational relief still feels out of reach. Tines just launched Voice of Security [----] based on insights from 1800+ security leaders and practitioners. The data shows why workloads remain high and what it takes to unlock real AI impact π https://thn.news/security-insights-24-x https://thn.news/security-insights-24-x"
X Link 2026-02-05T14:02Z 1M followers, [----] engagements
"πβ AISURU/Kimwolf launched a record [----] Tbps HTTP DDoS attack mitigated by Cloudflare. Same botnet drove holiday flood campaigns as Q4 hyper-volumetric attacks surged. Runs on 2M+ infected Android devices via proxy networks. π Read https://thehackernews.com/2026/02/aisurukimwolf-botnet-launches-record.html https://thehackernews.com/2026/02/aisurukimwolf-botnet-launches-record.html"
X Link 2026-02-05T17:28Z 1M followers, 12.9K engagements
"Kaspersky uncovered three separate infection chains in the Notepad++ supply-chain breach. Attackers rotated C2s payloads and installers for four months targeting government finance and IT entities across multiple regions. Activity stopped in Nov [----]. π Read update here https://thehackernews.com/2026/02/notepad-hosting-breach-attributed-to.html#kaspersky-observes-3-infection-chains https://thehackernews.com/2026/02/notepad-hosting-breach-attributed-to.html#kaspersky-observes-3-infection-chains"
X Link 2026-02-06T07:40Z 1M followers, 84.1K engagements
"π‘ Turn intel into action with a 6-stage Threat-Informed Defense pipeline. Map adversary TTPs simulate attacks validate controls and prioritize fixes that reduce real risk. π Download Guide (Framework steps + tooling) https://www.linkedin.com/pulse/turn-intel-action-guide-threatinformed-defense-thehackernews-hru3c/ https://www.linkedin.com/pulse/turn-intel-action-guide-threatinformed-defense-thehackernews-hru3c/"
X Link 2026-02-06T10:36Z 1M followers, [----] engagements
"ππ±π Enterprise security wasnt designed for mobile behavior. Devices move between corporate and public networks while handling sensitive data. Knox Firewall enforces per-app network controls restricting traffic by IP/domain with detailed access logs for investigations. π App rules traffic visibility logging depth https://thehackernews.com/2026/02/how-samsung-knox-helps-stop-your-network-security-breach.html https://thehackernews.com/2026/02/how-samsung-knox-helps-stop-your-network-security-breach.html"
X Link 2026-02-06T11:30Z 1M followers, [----] engagements
"State-linked hackers breached 70+ government & critical infrastructure networks across [--] countries Unit [--] reports. Targets include law enforcement finance ministries and border control. Initial access via phishing loaders with payloads staged on GitHub. π Intrusion chain malware design targeting scope https://thehackernews.com/2026/02/asian-state-backed-group-tgr-sta-1030.html https://thehackernews.com/2026/02/asian-state-backed-group-tgr-sta-1030.html"
X Link 2026-02-06T12:08Z 1M followers, 17.2K engagements
"Cisco Talos exposed DKnife a China-linked AitM framework active since [----] on compromised routers and edge devices. It monitors traffic steals credentials and hijacks app/software updates to deploy ShadowPad and DarkNimbus on PCs and phones. π Modules and infection chain https://thehackernews.com/2026/02/china-linked-dknife-aitm-framework.html https://thehackernews.com/2026/02/china-linked-dknife-aitm-framework.html"
X Link 2026-02-06T14:57Z 1M followers, [----] engagements
"π¨ UPDATE: CISA adds SmarterMail RCE (CVE-2026-24423) to KEV after confirming ransomware exploitation in the wild. Unauthenticated attackers can run commands via the ConnectToHub API. Federal agencies must patch by Feb [--]. π Full update https://thehackernews.com/2026/01/smartermail-fixes-critical.html#flaw-exploited-in-ransomware-attacks https://thehackernews.com/2026/01/smartermail-fixes-critical.html#flaw-exploited-in-ransomware-attacks"
X Link 2026-02-06T17:04Z 1M followers, [----] engagements
"π Bloody Wolf tied to a spear-phishing campaign deploying NetSupport RAT across Central Asia and Russia. [--] victims across government finance manufacturing. Malicious PDFs drop loaders that persist via scripts + scheduled tasks. π Details https://thehackernews.com/2026/02/bloody-wolf-targets-uzbekistan-russia.html https://thehackernews.com/2026/02/bloody-wolf-targets-uzbekistan-russia.html"
X Link 2026-02-09T10:58Z 1M followers, 11.5K engagements
"To celebrate the ultimate partnership this Valentines Day @OrchidSecurity is sharing our "Security Sweetheart" candies. These aren't your typical grocery store hearts they are designed for the unique bond between the IAM + CISO. The Security Sweetheart Collection π¬ Which one would you send to your security "other half" SSO [--] EVA: Because true love means only having to log in once. AUDIT ME: Total transparency is the foundation of any healthy relationship. NO SILOS: Breaking down walls is our love language. ZERO TRUST: It sounds harsh but in security its the ultimate form of devotion. MFA ME:"
X Link 2026-02-09T11:32Z 1M followers, [----] engagements
"π§ͺβ‘ SOC teams arent failing on tools theyre overloaded by triage. Constant validation loops are fueling burnout and SLA drift. CISOs are moving to sandbox-first workflows exposing live behavior early and reducing escalations MTTR and senior drag. π How evidence replaces guesswork https://thehackernews.com/2026/02/how-top-cisos-solve-burnout-and-speed.html https://thehackernews.com/2026/02/how-top-cisos-solve-burnout-and-speed.html"
X Link 2026-02-09T14:19Z 1M followers, [----] engagements
"π¨ Ivanti EPMM Zero-Day Exploits Breach Dutch Regulators Linked to Wider EU Government Intrusions. Attackers exploited CVSS [---] unauthenticated RCE flaws to access employee work contact data. Related activity also impacted the European Commission and Finlands Valtori systems. π Details https://thehackernews.com/2026/02/dutch-authorities-confirm-ivanti-zero.html https://thehackernews.com/2026/02/dutch-authorities-confirm-ivanti-zero.html"
X Link 2026-02-10T08:26Z 1M followers, 10.1K engagements
"π΅ββ Ransomware Persists But Encryption Is No Longer the Main Signal of Attack Picus reviewed 1.1M malware samples and found a shift toward stealth access over disruption. Encryption attacks fell 38% YoY as extortion moves to data theft and credential abuse. π Explore the full stealth-attack dataset https://thehackernews.com/2026/02/from-ransomware-to-residency-inside.html https://thehackernews.com/2026/02/from-ransomware-to-residency-inside.html"
X Link 2026-02-10T14:02Z 1M followers, [----] engagements
"π§π»π» North Korean operatives are using real LinkedIn accounts to land remote IT jobs in Western firms. With impersonated profiles and verified emails DPRK actors secure roles to fund weapons programs and conduct espionagesome gain admin access steal data and maintain persistence. π Read the full investigation https://thehackernews.com/2026/02/dprk-operatives-impersonate.html https://thehackernews.com/2026/02/dprk-operatives-impersonate.html"
X Link 2026-02-10T17:46Z 1M followers, 12K engagements
"Security startup @zast_ai secured new backing to scale AI-driven vulnerability validation. Its research led to [---] CVE assignments after uncovering hundreds of zero-days. Affected targets included Azure SDK Apache Struts and Alibaba Nacos. π Funding research scope enterprise impact https://thehackernews.com/2026/02/zastai-raises-6m-pre-to-scale-zero.html https://thehackernews.com/2026/02/zastai-raises-6m-pre-to-scale-zero.html"
X Link 2026-02-11T09:03Z 1M followers, [----] engagements
"π¨ Microsoft Patches [--] Flaws [--] Actively Exploited in the Wild Fixes hit Windows Shell MSHTML Office and Remote Desktop with privilege escalation leading the risk landscape. π Read Full CVEs exploitation details & patch scope Hey @Grok summarize all six zero-days. https://thehackernews.com/2026/02/microsoft-patches-59-vulnerabilities.html https://thehackernews.com/2026/02/microsoft-patches-59-vulnerabilities.html"
X Link 2026-02-11T10:28Z 1M followers, [----] engagements
"On February [--] at 9:00 AM PT @Semgrep is hosting its first-ever virtual keynote - Semgrep Secure 2026: Code Security Rebuilt for the AI Era AI is now writing more code than humans and most of it is never reviewed line by line. That reality breaks the assumptions behind traditional AppSec tools which were built for a world where every line of code was human-authored and inspected. This isnt AI added to security. Its security rebuilt for how code is actually created today. Register now and join us live: https://thn.news/semgrep-secure-2026 https://thn.news/semgrep-secure-2026"
X Link 2026-02-11T11:33Z 1M followers, [----] engagements
"Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions 1.9.3 to 2.7"
X Link 2026-01-22T16:32Z 1M followers, 53.1K engagements
"OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in v2026.1.29"
X Link 2026-02-02T16:35Z 1M followers, 87.9K engagements
"Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support Google finds nation-state hackers abusing Gemini AI for target profiling phishing kits malware staging and model extraction attacks"
X Link 2026-02-12T17:59Z 1M followers, 15.5K engagements
"North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations UNC1069 targets crypto firms via Telegram lures fake Zoom meetings and multi-stage malware to steal credentials browser data and funds"
X Link 2026-02-11T06:52Z 1M followers, [----] engagements
"npm’s Update to Harden Their Supply Chain and Points to Consider npms token overhaul boosts security but MFA bypass phishing and console access still enable supply-chain attacks"
X Link 2026-02-13T10:46Z 1M followers, [----] engagements
"π₯ Anthropics Claude Opus [---] AI found 500+ previously unknown high-severity flaws in open-source code. Impacted: Ghostscript OpenSC CGIF. Bugs ranged from buffer overflows to memory corruption all validated and patched. π Details https://thehackernews.com/2026/02/claude-opus-46-finds-500-high-severity.html https://thehackernews.com/2026/02/claude-opus-46-finds-500-high-severity.html"
X Link 2026-02-06T05:52Z 1M followers, 72.8K engagements
"π΅βπ° North Korea-linked UNC1069 used deepfake Zoom calls to hack crypto firms. Posing via Telegram attackers lured victims into fake meetings triggering ClickFix commands that deployed multi-stage malware on macOS & Windows to steal wallets and credentials. π Read https://thehackernews.com/2026/02/north-korea-linked-unc1069-uses-ai.html https://thehackernews.com/2026/02/north-korea-linked-unc1069-uses-ai.html"
X Link 2026-02-11T06:52Z 1M followers, [----] engagements
"β Microsoft detailed a new ClickFix variant abusing DNS lookups via nslookup to stage malware. Victims run commands that fetch payloads from attacker-controlled resolvers bypassing web defenses and blending into normal traffic. Leads to RAT deployment and persistence. π Read here https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html"
X Link 2026-02-15T14:25Z 1M followers, 55.7K engagements
"GlassWorm Returns with [--] Malicious Extensions Impersonating Popular Developer Tools GlassWorm spreads again using [--] fake extensions across Visual Studio Marketplace and Open VSX hiding Rust implants & Solana-based C2 to target devs"
X Link 2025-12-02T15:03Z 1M followers, 76.1K engagements
"GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs GlassWorm malware returns in VS Code extensions hiding via Unicode and reviving itself through blockchain"
X Link 2025-11-10T08:53Z 1M followers, 107.4K engagements
"Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack GlassWorm spread via [--] VS Code extensions; Solana + Google Calendar C2; stole credentials drained [--] wallets"
X Link 2025-10-24T09:17Z 1M followers, 60.7K engagements
"β ALERT A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform. CVE-2025-68613 lets authenticated users execute arbitrary code enabling full instance takeover data access and system-level actions. More than 103k exposed instances are observed globally. π Details https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html"
X Link 2025-12-23T07:37Z 1M followers, 300.1K engagements
"Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware enabling stealthy payload delivery and RAT deployment"
X Link 2026-02-15T14:25Z 1M followers, 56.5K engagements
"Claude Opus [---] Finds 500+ High-Severity Flaws Across Major Open-Source Libraries Anthropics Claude Opus [---] identified 500+ unknown high-severity flaws in open-source projects advancing AI-driven vulnerability detection"
X Link 2026-02-06T05:52Z 1M followers, 128.2K engagements
"π¨ Google patched Chrome zero-day CVE-2026-2441 a CVSS [---] bug already exploited in attacks. The CSS use-after-free flaw allows sandboxed remote code execution via malicious pages. π Read First active Chrome zero-day fixed this year. Update now. https://thehackernews.com/2026/02/new-chrome-zero-day-cve-2026-2441-under.html https://thehackernews.com/2026/02/new-chrome-zero-day-cve-2026-2441-under.html"
X Link 2026-02-16T06:40Z 1M followers, 36.9K engagements
"Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud Lithuania invests 24.1M in AI-driven cybersecurity as GenAI fraud and deepfake threats escalate"
X Link 2026-02-16T12:42Z 1M followers, [--] engagements
"New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft ZeroDayRAT is a cross-platform mobile spyware sold on Telegram that enables live surveillance OTP theft and financial data theft on infected devices"
X Link 2026-02-16T11:17Z 1M followers, 10.5K engagements
"China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign UNC3886 targeted Singapores telecom operators via zero-day exploits rootkits and VMware systems; no customer data breach confirmed"
X Link 2026-02-09T17:02Z 1M followers, 12.1K engagements
"Google to Verify All Android Developers in [--] Countries to Block Malicious Apps Google will verify all Android developers by September [----] in select countries to curb malicious apps"
X Link 2025-08-26T06:29Z 1M followers, 7.1M engagements
"Apple Fixes Exploited Zero-Day Affecting iOS macOS and Apple Devices Apple releases security updates fixing exploited dyld zero-day CVE-2026-20700 enabling code execution across iOS macOS and Apple devices"
X Link 2026-02-12T05:51Z 1M followers, 36K engagements
"9 Identity Security Predictions for [----] Nine identity security predictions for [----] covering AI governance passwordless access decentralized identity IoT and post-quantum cryptography"
X Link 2026-02-05T07:59Z 1M followers, 16.8K engagements
"First Malicious Outlook Add-In Found Stealing 4000+ Microsoft Credentials First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page stealing 4000+ credentials in a supply chain attack"
X Link 2026-02-11T23:50Z 1M followers, 17.4K engagements
"Weekly Recap: Outlook Add-Ins Hijack 0-Day Patches Wormable Botnet & AI Malware Outlook add-in phishing Chrome and Apple zero-days BeyondTrust RCE cloud botnets AI-driven threats ransomware activity and critical CVEs"
X Link 2026-02-16T12:58Z 1M followers, 25.1K engagements
"ShadyPanda Turns Popular Browser Extensions with [---] Million Installs Into Spyware ShadyPanda abused browser extensions for seven years turning 4.3M installs into a multi-phase surveillance and hijacking campaign"
X Link 2025-12-01T17:34Z 1M followers, 64.1K engagements
"New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released Google fixes actively exploited Chrome zero-day CVE-2026-2441 a high-severity CSS use-after-free flaw enabling sandboxed remote code execution"
X Link 2026-02-16T06:40Z 1M followers, 37K engagements
"Researchers Find [---] Malicious ClawHub Skills Stealing Data from OpenClaw Users A security audit found [---] malicious ClawHub skills abusing OpenClaw to spread Atomic Stealer and steal credentials on macOS and Windows"
X Link 2026-02-02T17:52Z 1M followers, 26.3K engagements
"The Uncomfortable Truth About "More Visibility" Cyber attacks average [----] weekly as ClickFix ransomware shifts and exposure gaps accelerate exploitation beyond defense response"
X Link 2026-02-16T10:25Z 1M followers, [----] engagements
"π Important: Google is locking down Android. Starting Sept [----] every app even outside the Play Store must come from a verified developer. No more anonymous sideloads. No quick comebacks for malware gangs. First up: Brazil Indonesia Singapore Thailand. Full story https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html"
X Link 2025-08-26T06:29Z 1M followers, 7.1M engagements
"β π Reynolds ransomware embeds its own BYOVD evasion bundling a vulnerable driver to disable EDR before encryption. It drops the NSecKrnl driver (CVE-2025-68947) to kill security tools reducing detection and affiliate effort. π Read full attack chain and defense insights https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html"
X Link 2026-02-10T14:42Z 1M followers, 54.9K engagements
"π§ Researchers uncovered SSHStalker a Linux botnet using IRC for control and mass SSH compromise. It exploits [--] legacy kernel flaws to infect unpatched systems wipes logs and maintains silent persistence. π Details https://thehackernews.com/2026/02/sshstalker-botnet-uses-irc-c2-to.html https://thehackernews.com/2026/02/sshstalker-botnet-uses-irc-c2-to.html"
X Link 2026-02-11T09:59Z 1M followers, 53.5K engagements
"π€π Identity security is shifting from static controls to AI-run decisions. As outlined by SailPoint CISO Rex Booth AI-driven identity governance will automate access in real time replacing manual reviews and standing privileges. Passkeys and decentralized IDs will further reshape authentication. π [--] forecasts shaping access trust and risk https://thehackernews.com/expert-insights/2026/02/9-identity-security-predictions-for-2026.html https://thehackernews.com/expert-insights/2026/02/9-identity-security-predictions-for-2026.html"
X Link 2026-02-11T19:15Z 1M followers, [----] engagements
"π₯ This weeks #ThreatsDayBulletin tracks intrusion tactics spreading across AI tools enterprise apps cloud and vehicles. Pattern: quiet access expanded through trusted systems. π€ Prompt abuse code exec 𧩠Loaders staged malware β OAuth/cloud misuse π Enterprise RCEs π Auto zero-days π Full threat roundup https://thehackernews.com/2026/02/threatsday-bulletin-ai-prompt-rce.html https://thehackernews.com/2026/02/threatsday-bulletin-ai-prompt-rce.html"
X Link 2026-02-12T11:52Z 1M followers, 71.9K engagements
"Researchers found the first malicious Microsoft Outlook add-in used in real attacks. Hackers hijacked an abandoned calendar plug-in claimed its expired domain and served a fake Microsoft loginstealing 4000+ credentials. The add-in still had mailbox read/write permissions. π Learn how. https://thehackernews.com/2026/02/first-malicious-outlook-add-in-found.html https://thehackernews.com/2026/02/first-malicious-outlook-add-in-found.html"
X Link 2026-02-12T17:37Z 1M followers, 17K engagements
"β‘ Google tracked multiple state groups using Gemini for vuln research exploit debugging and persona building across cyber operations. One malware strain even generated second-stage code via the API executed filelessly in memory. π Threat actor tactics malware and AI abuse cases https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html"
X Link 2026-02-12T17:59Z 1M followers, 15.3K engagements
"Sharp findings from @GoogleCloud on AI misuse in real attacks. Also notable research from @HuntressLabs and @praetorianlabs with insights from @stvemillertime and Farida Shafik on how fast adversaries are adapting"
X Link 2026-02-13T06:49Z 1M followers, [----] engagements
"New research from @ReversingLabs and Karlo Zanki exposing Lazarus recruiter lure plus findings from @JFrogSecurity and Guy Korolevski on npm stealers. Also notable work by OpenSourceMalware and PaulMcCarty tracking crypto extortion packages tied to fake firm Veltrix Capital"
X Link 2026-02-13T06:54Z 1M followers, [----] engagements
"This weeks ThreatsDay bulletin nails how attackers are sticking with quiet misuse of trusted tools for long-term access. Solid breakdowns from @TeamT5_Official (Taiwan APT surge) @cyfirma (LTX & Telegram hijacks) @zscaler (Marco & GuLoader) @HuntressLabs (RMM abuse) @bitdefender (data-theft ransomware) @LayerXSec (Claude RCE) @GreyNoiseIO (Telnet drop) @TalosSecurity (VoidLink) @TenableSecurity (Looker flaws) @Malwarebytes (trojanized 7-Zip). π₯ This weeks #ThreatsDayBulletin tracks intrusion tactics spreading across AI tools enterprise apps cloud and vehicles. Pattern: quiet access expanded"
X Link 2026-02-13T08:15Z 1M followers, [----] engagements
"Early exploitation already hitting BeyondTrust systems. Sharp telemetry from @watchtowrlabs with @ethicalhack3r detailing tradecraft; KEV updates from @CISAgov and threat links flagged by @rapid7 and @DomainTools exposing wider supply-chain risk. CISA adds exploited flaws in @Apple Notepad++ @solarwinds and @Microsoft to KEV catalog"
X Link 2026-02-13T08:48Z 1M followers, [----] engagements
"Solid progress from @npmjs and @GHSecurityLab on token security after recent attacks. MFA phishing risks still lingermake it mandatory for publishes @chainguard_dev builds from source to avoid most known malware"
X Link 2026-02-13T10:49Z 1M followers, [----] engagements
"Solid new findings from @TalosSecurity and researchers @infosec_nick Aaron Boyd @asheermalhotra @_vventura on VoidLinks stealthy post-compromise playbook. Context from @CheckPointSW and @ontinuemxdr shows how AI-assisted malware frameworks are lowering the barrier for advanced cloud intrusions"
X Link 2026-02-13T15:29Z 1M followers, [----] engagements
"ππ‘ Google says defense contractors face sustained cyber targeting from China Iran North Korea and Russia. Campaigns span battlefield tech theft hiring infiltration and supply-chain breaches. Actors now focus on individuals and edge devices to bypass EDR visibility. π Threat clusters malware families intrusion paths https://thehackernews.com/2026/02/google-links-china-iran-russia-north.html https://thehackernews.com/2026/02/google-links-china-iran-russia-north.html"
X Link 2026-02-13T16:25Z 1M followers, 12.8K engagements
"β Researchers uncovered ZeroDayRAT a commercial mobile spyware sold on Telegram targeting Android and iOS. It enables live camera/mic feeds GPS tracking SMS and OTP theft and wallet hijacking via a self-hosted panel turning phones into full surveillance nodes. π Read https://thehackernews.com/2026/02/new-zerodayrat-mobile-spyware-enables.html https://thehackernews.com/2026/02/new-zerodayrat-mobile-spyware-enables.html"
X Link 2026-02-16T11:36Z 1M followers, 10.4K engagements
"Over [--] Software Vendors Issue Security Fixes Across OS Cloud and Network Platforms Patch Tuesday delivers fixes for [--] Microsoft flaws six exploited zero-days plus critical SAP and Intel TDX vulnerabilities"
X Link 2026-02-11T13:31Z 1M followers, [----] engagements
"Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware"
X Link 2026-02-03T14:07Z 1M followers, 14K engagements
"Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal configurations"
X Link 2026-01-22T06:12Z 1M followers, 11.3K engagements
"Apple Patches CVE-2025-43300 Zero-Day in iOS iPadOS and macOS Exploited in Targeted Attacks Apple patches CVE-2025-43300 zero-day in iOS iPadOS and macOS after active exploitation reports"
X Link 2025-08-21T04:48Z 1M followers, 375.5K engagements
"German Agencies Warn of Signal Phishing Targeting Politicians Military Journalists Germanys BSI and BfV warn of state-linked Signal phishing using fake support chats PIN theft and device linking to access sensitive accounts"
X Link 2026-02-07T11:16Z 1M followers, 80.9K engagements
"CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV ordering federal agencies to patch by February 2026"
X Link 2026-02-04T05:57Z 1M followers, [----] engagements
"OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins prompt injection & exposed instances"
X Link 2026-02-08T07:55Z 1M followers, [----] engagements
"Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities Pakistan-linked hackers targeted Indian government entities using phishing Google services Golang malware and GitHub-based command-and-control"
X Link 2026-01-27T16:46Z 1M followers, 13.5K engagements
"CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk CISA orders federal agencies to inventory upgrade and remove unsupported edge devices within [----] months to reduce cyber-espionage risk"
X Link 2026-02-06T13:44Z 1M followers, [----] engagements
"APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe"
X Link 2026-02-03T09:13Z 1M followers, 22.5K engagements
"New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code VVS Stealer is a Python-based malware sold on Telegram that steals Discord tokens browser data and credentials using heavy code obfuscation"
X Link 2026-01-05T17:23Z 1M followers, [----] engagements
"Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via Windows Startup folders"
X Link 2026-01-28T09:48Z 1M followers, [----] engagements
"ThreatsDay Bulletin: New RCEs Darknet Busts Kernel Bugs & 25+ More Stories Weekly ThreatsDay Bulletin with concise updates on cyber attacks exploits scams arrests and emerging security risks"
X Link 2026-01-29T13:04Z 1M followers, 73.9K engagements
"Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials browser data and cryptocurrency wallets on Windows"
X Link 2026-01-20T20:16Z 1M followers, [---] engagements
"TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure Worm-driven TeamPCP campaign exploits Docker Kubernetes Redis Ray and React2Shell to build proxy infrastructure for data theft and ransomware"
X Link 2026-02-09T08:39Z 1M followers, 46.9K engagements
"AISURU/Kimwolf Botnet Launches Record-Setting [----] Tbps DDoS Attack AISURU/Kimwolf launched a record [----] Tbps DDoS attack as [----] saw 47.1M incidents rising botnet scale and Android device abuse"
X Link 2026-02-05T17:28Z 1M followers, 29.2K engagements
"Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic targeting Baota panels Asian TLDs and government domains"
X Link 2026-02-05T04:58Z 1M followers, 18K engagements
"The CTEM Divide: Why 84% of Security Programs Are Falling Behind Study of [---] enterprises shows CTEM adopters achieve 50% better attack surface visibility and stronger security outcomes amid rising breach costs"
X Link 2026-02-12T10:56Z 1M followers, [----] engagements
"Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack"
X Link 2026-02-06T08:43Z 1M followers, 23.5K engagements
"China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing lures"
X Link 2026-02-04T14:13Z 1M followers, 10.7K engagements
"Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control A critical CVSS [----] vulnerability in n8n allows unauthenticated attackers to read files bypass authentication and gain full server control"
X Link 2026-01-07T13:53Z 1M followers, 63.4K engagements
"DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies North Korean IT operatives use stolen LinkedIn accounts fake hiring flows and malware to secure remote jobs steal data and fund state programs"
X Link 2026-02-10T17:46Z 1M followers, 12.5K engagements
"π Google is shutting down its dark web monitoring tool less than two years after launch. Google admitted the tool surfaced breached data but didnt give people clear next steps. Alerts without action paths dont change outcomes. π Read here: https://thehackernews.com/2025/12/google-to-shut-down-dark-web-monitoring.html https://thehackernews.com/2025/12/google-to-shut-down-dark-web-monitoring.html"
X Link 2025-12-16T06:06Z 1M followers, 14.2K engagements
"π° A fake NuGet package stole crypto wallets for more than five years. It copied a popular .NET tracing library and hid as a normal dependency. One extra letter in the author name led to about [----] downloads since [----]. It exfiltrated Stratis wallet JSON files and passwords to a Russian IP. π Read: https://thehackernews.com/2025/12/rogue-nuget-package-poses-as-tracerfody.html https://twitter.com/i/web/status/2000954995722821872 https://thehackernews.com/2025/12/rogue-nuget-package-poses-as-tracerfody.html https://twitter.com/i/web/status/2000954995722821872"
X Link 2025-12-16T15:43Z 1M followers, 10.7K engagements
"Indian government networks were targeted in two cyber campaigns linked to a Pakistan-based actor. Tracked by Zscaler as Gopher Strike and Sheet Attack the key tactic was India-only malware delivery filtered by IP and Windows systems to evade analysis. π Attack chain and tools explained https://thehackernews.com/2026/01/experts-detect-pakistan-linked-cyber.html https://thehackernews.com/2026/01/experts-detect-pakistan-linked-cyber.html"
X Link 2026-01-27T16:46Z 1M followers, 12.9K engagements
"π¨ Researchers detect active exploitation of a critical React Native CLI flaw. CVE-2025-11953 allows unauthenticated OS command execution on exposed Metro dev servers with attacks deploying PowerShell and a Rust payload. π Read https://thehackernews.com/2026/02/hackers-exploit-metro4shell-rce-flaw-in.html https://thehackernews.com/2026/02/hackers-exploit-metro4shell-rce-flaw-in.html"
X Link 2026-02-03T14:07Z 1M followers, 12.2K engagements
"π¨ SolarWinds Web Help Desk flaw added to CISA KEV CVE-2025-40551 (CVSS 9.8): unauthenticated RCE via deserialization Fixed in WHD v2026.1 Federal agencies must patch by February [--] π Read https://thehackernews.com/2026/02/cisa-adds-actively-exploited-solarwinds.html https://thehackernews.com/2026/02/cisa-adds-actively-exploited-solarwinds.html"
X Link 2026-02-04T05:57Z 1M followers, [----] engagements
"China-linked Amaranth-Dragon targeted Southeast Asian government and law enforcement networks in [----] with links to the APT41 ecosystem. Campaigns leveraged political lures and the WinRAR CVE-2025-8088 RCE flaw using cloud delivery and geo-fenced infrastructure for stealth. π Read https://thehackernews.com/2026/02/china-linked-amaranth-dragon-exploits.html https://thehackernews.com/2026/02/china-linked-amaranth-dragon-exploits.html"
X Link 2026-02-04T14:13Z 1M followers, 10.4K engagements
"π Malicious updates were published to official dYdX trading packages on npm and PyPI delivering a wallet stealer and remote access malware. Published via compromised maintainer accounts the malware hid inside transaction-signing and wallet code. πRead https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.html https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.html"
X Link 2026-02-06T08:43Z 1M followers, 16K engagements
"UPDATE: APT28 began exploiting the Office 1-day CVE-2026-21509 within [--] hours of disclosure per Trellix. Targets now include European military and transport orgs with phishing lures delivering multi-stage loaders and custom implants via cloud-hosted C2. π Infection chain sectors hit evasion design https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html#update https://thehackernews.com/2026/02/apt28-uses-microsoft-office-cve-2026.html#update"
X Link 2026-02-06T10:00Z 1M followers, 10.9K engagements
"π CISA orders federal agencies to remove unsupported edge devices within [----] months. Unpatched firewalls routers IoT and perimeter gear are now flagged as prime entry pointsactively exploited by state-backed actors for network access. π Directive scope deadlines device list https://thehackernews.com/2026/02/cisa-orders-removal-of-unsupported-edge.html https://thehackernews.com/2026/02/cisa-orders-removal-of-unsupported-edge.html"
X Link 2026-02-06T13:44Z 1M followers, [----] engagements
"German authorities warn of a state-linked phishing campaign abusing Signal account features to hijack chats. Actors pose as support steal PINs or trick targets into device linkingenabling message interception and impersonation across political military and media networks. π Read https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html"
X Link 2026-02-07T11:16Z 1M followers, 76.3K engagements
"π Cloud worm malware campaign is systematically taking over cloud infrastructure. TeamPCP exploits exposed Docker Kubernetes Redis and React2Shell to mass-deploy proxies scanners crypto miners & ransomware across compromised clusters. π Read https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html"
X Link 2026-02-09T08:39Z 1M followers, 46.6K engagements
"π Patch Tuesday extended across enterprise tech stacks with "60+ vendors" releasing coordinated security fixes. Widely used platforms from SAP and Windows to Chrome Linux Cisco and Fortinet patched zero-days SQL injection privilege escalation and auth bypass vulnerabilities. π Full vendor list and CVEs https://thehackernews.com/2026/02/over-60-software-vendors-issue-security.html https://thehackernews.com/2026/02/over-60-software-vendors-issue-security.html"
X Link 2026-02-11T13:31Z 1M followers, [----] engagements
"Five attacks. Five lessons. One goal: resilience. From Boeing to Ascension cybersecurity experts from Halcyon examined #ransomware incidents that reshaped cyber strategy - and the takeaways defenders can apply today. Curious which decisions changed the outcome Swipe to see the high-level hits. Dont wait for an incident to learn from one. Download the full guide: https://thn.news/attacks-changed-everything https://thn.news/attacks-changed-everything"
X Link 2026-02-11T14:00Z 1M followers, [----] engagements
"Attack surfaces are growing. Threats are accelerating. Learn how leading teams are adopting ThreatInformed Defenseto align operations with real adversary behavior not hypotheticals. This guide breaks down @FiligranHQ's sixstage TID pipelineand shows how to: Prioritize defenses based on real threats Simulate adversary behavior to validate your posture Operationalize CTI with OpenCTI+ OpenAEV Build a continuous feedback loop that sharpens detection & response π Download the guide today https://thn.news/practical-threat-defense https://thn.news/practical-threat-defense"
X Link 2026-02-12T11:18Z 1M followers, [----] engagements
"A new enterprise study shows only 16% of orgs run Continuous Threat Exposure Management (CTEM). Those that do see 50% better attack surface visibility and stronger tooling adoption creating a widening security gap as environments scale. π Peer benchmarks and risk data breakdown https://thehackernews.com/2026/02/the-ctem-divide-why-84-of-security.html https://thehackernews.com/2026/02/the-ctem-divide-why-84-of-security.html"
X Link 2026-02-12T13:35Z 1M followers, [----] engagements
"BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA BeyondTrust fixes CVSS [---] pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; [-----] instances exposed"
X Link 2026-02-09T08:04Z 1M followers, [----] engagements
"Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS [---] Vulnerability Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple Microsoft SolarWinds and Notepad++ flaws to KEV list"
X Link 2026-02-13T08:44Z 1M followers, [----] engagements
"Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows Critical n8n vulnerability CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data"
X Link 2026-02-05T06:23Z 1M followers, 21.3K engagements
"Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools Researchers uncover Reynolds ransomware embedding a vulnerable BYOVD driver to kill EDR defenses signaling advanced evasion in ransomware attacks"
X Link 2026-02-10T14:42Z 1M followers, 55K engagements
"UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors Cisco Talos links UAT-9921 to VoidLink a modular Zig-based malware targeting Linux cloud systems with stealth plugins and C2 control"
X Link 2026-02-13T15:24Z 1M followers, [----] engagements
"Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs Suspected Russian actor deploys CANFAIL malware via phishing targeting Ukrainian defense energy and aid sectors using LLM-assisted lures"
X Link 2026-02-13T17:29Z 1M followers, [----] engagements
"Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.01.120.4 affected patched in newer releases"
X Link 2025-12-23T07:37Z 1M followers, 324.8K engagements
Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing