The Hacker News

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

The Hacker News May 11, 2026

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins...

Read More Read more about TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

The Hacker News May 11, 2026

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel...

Read More Read more about cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

The Hacker News May 11, 2026

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it...

Read More Read more about Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

The Hacker News May 11, 2026

Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a...

Read More Read more about ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room

Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room

The Hacker News May 11, 2026

Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from...

Read More Read more about Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

The Hacker News May 11, 2026

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating...

Read More Read more about Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

The Hacker News May 10, 2026

Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a...

Read More Read more about Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

The Hacker News May 9, 2026

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could...

Read More Read more about cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

The Hacker News May 8, 2026

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59...

Read More Read more about TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

The Hacker News May 8, 2026

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed...

Read More Read more about Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads