24 stories
The Hacker NewsPhishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has impacted over 80 organ
Trellix Source Code Repository Breached
The cybersecurity firmโs investigation has not found any impact on its source code release or distribution process. The post Trellix Source Code Repository Breached appeared first on SecurityWeek.
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. [...]
The Hacker NewsProgress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file mo
Trellix discloses data breach after source code repository hack
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]
Cybersecurity DiveCritical vulnerability in cPanel leads to widespread exploitation
Researchers warn that threat activity continues to surge, including brute force attacks and ransomware.
Dark ReadingSilver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.
Cybersecurity DiveNew MOVEit vulnerabilities prompt urgent patch warning
Progress Software warned customers to immediately upgrade the file-transfer tool to fix the serious flaws.
DShield Honeypot Update, (Mon, May 4th)
This week, I will release a few updates to our DShield honeypot. The update should happen automatically if you have "automatic updates" enabled on your system. There will be two major changes:
The Hacker Newsโก Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches. While most teams were still triaging last monthโs alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupat
They donโt hack, they borrow: How fraudsters target credit unions
Fraudsters aren't hacking credit unions, they are exploiting normal business processes. Flare reveals how structured loan fraud methods use stolen identities to pass verification and secure funds. [...]
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
Significant cybersecurity M&A deals announced by Airbus, Cyera, Fortra, Palo Alto Networks, Silverfort, and Socket. The post Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 appeared first on SecurityWeek.
DigiCert Revokes Certificates After Support Portal Hack
Hackers delivered malware via a customer chat channel, infected an analystโs system, and accessed the internal support portal. The post DigiCert Revokes Certificates After Support Portal Hack appeared first on SecurityWeek.
Progress warns of critical MOVEit Automation auth bypass flaw
Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application. [...]
Webinar: Why MSPs must rethink security and backup strategies
Security breaches don't just test your defensesโthey test your recovery. Join Kaseya in our upcoming webinar to learn how MSPs strengthen resilience with SaaS backups and BCDR to stay operational after attacks. [...]
The Hacker News2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japanโs Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his motivation
The Hacker NewsSilver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, follow
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
Here's a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don't flaunt your diamond-encrusted "HACK THE PLANET" necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in. Read more in my article on the Hot for Security blog.
CISA says โCopy Failโ flaw now exploited to root Linux systems
CISA has warned that threat actors have started exploiting the "Copy Fail" Linux security vulnerability in the wild, one day after Theori researchers disclosed it and shared a proof-of-concept (PoC) exploit. [...]
Dark ReadingHow Dark Reading Lifted Off the Launchpad in 2006
Twenty years ago, this media brand didn't have a print edition to attract eyeballs and sponsors. Top-notch content and editorial talent did the heavy lifting.
Exploitation of โCopy Failโ Linux Vulnerability Begins
CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing. The post Exploitation of โCopy Failโ Linux Vulnerability Begins appeared first on SecurityWeek.
Microsoft confirms April Windows updates cause backup failures
Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. [...]
OpenAI Rolls Out Advanced Security for ChatGPT Accounts
Advanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion. The post OpenAI Rolls Out Advanced Security for ChatGPT Accounts appeared first on SecurityWeek.
The Hacker NewsCritical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed v