The Hacker News

How AI Hallucinations Are Creating Real Security Risks

How AI Hallucinations Are Creating Real Security Risks

The Hacker News May 14, 2026

AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly...

Read More Read more about How AI Hallucinations Are Creating Real Security Risks

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

The Hacker News May 14, 2026

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving...

Read More Read more about Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

The Hacker News May 14, 2026

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE)...

Read More Read more about New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

The Hacker News May 14, 2026

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw...

Read More Read more about 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

The Hacker News May 13, 2026

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and...

Read More Read more about Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

The Hacker News May 13, 2026

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed...

Read More Read more about Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)

[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)

The Hacker News May 13, 2026

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how hackers...

Read More Read more about [Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)

Most Remediation Programs Never Confirm the Fix Actually Worked

Most Remediation Programs Never Confirm the Fix Actually Worked

The Hacker News May 13, 2026

Security teams have never had better visibility into their environments and never been worse at confirming what...

Read More Read more about Most Remediation Programs Never Confirm the Fix Actually Worked

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

The Hacker News May 13, 2026

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them...

Read More Read more about Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

The Hacker News May 13, 2026

Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository...

Read More Read more about GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data