The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
The Hacker News

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile ...
The Hacker News

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

Exposed training apps in cloud environments enable exploitation, lateral movement, and crypto-mining activity across ...
The Hacker News

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google finds nation-state hackers abusing Gemini AI for target profiling, phishing kits, malware staging, and model extraction attacks.
The Hacker News

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple releases security updates fixing exploited dyld zero-day CVE-2026-20700 enabling code execution across iOS, macOS, and Apple devices.
The Hacker News

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

Study of 128 enterprises shows CTEM adopters achieve 50% better attack surface visibility and stronger security outcomes amid rising breach costs.