The Hacker News

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canada’s spy agency used a court-approved warrant to neutralize two foreign-run botnets abusing routers, servers, and IoT ...
The Hacker News

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AryStinger malware has infected 4,300 Realtek RTL819X routers, using old CVEs to scan targets, tunnel traffic, and hide ...
The Hacker News

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

Google will block normal installs of apps from unverified Android developers in Brazil, Indonesia, Singapore, and Thailand ...
The Hacker News

Stop Your Legacy Infrastructure from Hijacking Your AI Agents

AI agents inherit risk from legacy servers, AD, IAM, and cloud storage, creating attack paths that bypass model-level ...
The Hacker News

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

INTERPOL says phishing, ransomware, DDoS attacks, infostealers, and AI-driven scams are driving cybercrime growth across Asia ...
The Hacker News

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...
The Hacker News

âš¡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
The Hacker News

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Four DifyTap flaws could expose private AI chats and files across Dify tenants; three are fixed in version 1.14.2.
The Hacker News

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

The leaked bytes are the useful part. Squid reuses freed memory buffers without zeroing them, so a 4KB buffer that recently held a victim's HTTP request still holds most of it. A short FTP line ...
The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...