The Hacker News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Hacker News May 26, 2026

The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least...

Read More Read more about MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar

The Hacker News May 26, 2026

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something...

Read More Read more about New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

The Hacker News May 26, 2026

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be...

Read More Read more about Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

MFA Prompt Bombing: Why Your Second Factor Isn’t Saving You

MFA Prompt Bombing: Why Your Second Factor Isn’t Saving You

The Hacker News May 26, 2026

Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even...

Read More Read more about MFA Prompt Bombing: Why Your Second Factor Isn’t Saving You

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

The Hacker News May 26, 2026

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security...

Read More Read more about CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

The Hacker News May 26, 2026

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed...

Read More Read more about Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

The Hacker News May 25, 2026

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan,...

Read More Read more about KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

The Hacker News May 25, 2026

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from...

Read More Read more about ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

The Hacker News May 25, 2026

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript...

Read More Read more about Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

The Alert Firehose Finally Meets Its Match

The Alert Firehose Finally Meets Its Match

The Hacker News May 25, 2026

Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too...

Read More Read more about The Alert Firehose Finally Meets Its Match