Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
Ravie LakshmananMar 11, 2026 Vulnerability / Application Security Cybersecurity researchers have disclosed details of two now-patched security flaws in the...
Hacking
Category Added in a WPeMatico Campaign
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Ravie LakshmananMar 11, 2026Cybercrime / Artificial Intelligence Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers...
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
Ravie LakshmananMar 11, 2026Vulnerability / Enterprise Security SAP has released security updates to address two critical security flaws that could...
What Boards Must Demand in the Age of AI-Automated Exploitation
“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be...
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that...
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain...
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the...
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Ravie LakshmananMar 10, 2026Network Security / Vulnerability Cybersecurity researchers are calling attention to a new campaign where threat actors are...
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
The Hacker NewsMar 10, 2026Artificial Intelligence / Threat Detection Artificial Intelligence (AI) is no longer just a tool we talk...
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when...
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
Ravie LakshmananMar 10, 2026Cyber Espionage / Threat Intelligence The Russian state-sponsored hacking group tracked as APT28 has been observed using...
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Ravie LakshmananMar 10, 2026Cloud Security / API Security Salesforce has warned of an increase in threat actor activity that's aimed...
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
Ravie LakshmananMar 10, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security...
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan...
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind...
