The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

The Hacker News March 21, 2026

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services...

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

The Hacker News March 21, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft...

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The Hacker News March 21, 2026

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be...

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

The Hacker News March 20, 2026

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the...

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

The Hacker News March 20, 2026

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure,...

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

The Hacker News March 20, 2026

Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait...

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

The Hacker News March 20, 2026

Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out...

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

The Hacker News March 20, 2026

Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers...

DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

The Hacker News March 20, 2026

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by...

Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks

Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks

The Hacker News March 19, 2026

Apple is urging users who are still running an outdated version of iOS to update their iPhones...

error: Content is protected !!