The Hacker News

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

The Hacker News May 5, 2026

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a...

Read More Read more about DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

The Hacker News May 5, 2026

A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in...

Read More Read more about China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

The Hacker News May 5, 2026

Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year...

Read More Read more about The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

The Hacker News May 5, 2026

Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known...

Read More Read more about MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is

We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is

The Hacker News May 5, 2026

While the software industry has made genuine strides over the past few decades to deliver products securely,...

Read More Read more about We Scanned 1 Million Exposed AI Services. Here’s How Bad the Security Actually Is

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The Hacker News May 5, 2026

The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a...

Read More Read more about ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

The Hacker News May 5, 2026

A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has...

Read More Read more about Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

The Hacker News May 5, 2026

Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code...

Read More Read more about Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

The Hacker News May 4, 2026

An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate...

Read More Read more about Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

The Hacker News May 4, 2026

Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug...

Read More Read more about Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass