Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Ravie LakshmananMay 19, 2026Malvertising / Mobile Security Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation...
have
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Ravie LakshmananMay 19, 2026Vulnerability / Email Security Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade...
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Ravie LakshmananMay 19, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have flagged a compromised version of the Nx Console...
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the...
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ravie LakshmananMay 18, 2026Vulnerability / Software Security Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities...
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Ravie LakshmananMay 18, 2026Supply Chain Attack / Botnet Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one...
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Ravie LakshmananMay 15, 2026Vulnerability / AI Security Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that...
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Ravie LakshmananMay 14, 2026Vulnerability / API Security Threat actors have been observed attempting to exploit a recently disclosed security vulnerability...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Ravie LakshmananMay 14, 2026Vulnerability / Linux Details have emerged about a new variant of the recent Dirty Frag Linux local...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Ravie LakshmananMay 14, 2026Vulnerability / Web Server Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open,...
Inside Department 4: Russia’s secret school for hackers
Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to...
Sri Lanka makes 37 arrests as it raids another scam centre
Sri Lankan police have arrested 37 people suspected of running a scam centre in a suburb of the capital city...
Canvas Breach Hackers Reach Deal After Claiming 275M Records Stolen
Hackers behind the Canvas breach have reached a deal with Instructure after claiming they stole data tied to nearly 9,000...
Most Remediation Programs Never Confirm the Fix Actually Worked
The Hacker NewsMay 13, 2026Cloud Security / Automation Security teams have never had better visibility into their environments and never...
Over 1 Million Baby Monitors, Security Cameras Exposed Through Meari Flaws
More than 1 million internet-connected baby monitors and security cameras may have exposed private household activity, including images from inside...