The Hacker News

ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

Weekly cybersecurity roundup covering exploited vulnerabilities, malware campaigns, legal actions, and nation-state attacks ...
The Hacker News

The State of Trusted Open Source

Analysis shows most security risk sits in longtail open source images, with 98% of CVEs outside top projects & Critical flaws ...
The Hacker News

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco released updates for a medium-severity ISE and Snort 3 flaws, including CVE-2026-20029 with a public PoC, and reports ...
The Hacker News

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & ...
The Hacker News

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances | Read more hacking news on The ...
The Hacker News

OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls

OpenAI introduces ChatGPT Health, a separate, encrypted space for health chats with optional app data access, focused on ...
The Hacker News

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

CISA adds two vulnerabilities affecting Microsoft Office and HPE OneView to its KEV list, urging agencies to patch by January ...
The Hacker News

Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches

Black Cat cybercrime group used SEO poisoning and fake software downloads to infect nearly 278,000 systems in China with data ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...