The Hacker News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

MuddyWater targeted 9 organizations in 9 countries during Q1 2026, using DLL side-loading to steal data and evade detection.
The Hacker News

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft released fixes for SharePoint remote code execution vulnerability CVE-2026-45659 with a CVSS score of 8.8.
The Hacker News

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

Nimbus Manticore used AI-assisted MiniFast malware in 2026 campaigns, expanding espionage through SEO poisoning and phishing.
The Hacker News

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

CERT-In ordered 12-hour patching for critical internet-facing flaws as AI-driven attacks accelerate cyber exploitation.
The Hacker News

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You

MFA prompt bombing enabled Cisco attackers to steal 2.8GB in 2022, exposing push MFA weaknesses and account takeover risks.
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.
The Hacker News

[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back

Learn how to fight back against AI-powered cyber attacks. Register for our free 45-minute live webinar and protect your ...