The Hacker News

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

• Uncategorized

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

The Hacker News March 18, 2026

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could...

Read More Read more about Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

• Uncategorized

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

The Hacker News March 17, 2026

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI)...

Read More Read more about AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

• Uncategorized

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

The Hacker News March 17, 2026

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites...

Read More Read more about LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

• Uncategorized

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

The Hacker News March 17, 2026

A majority of security leaders are struggling to defend AI systems with tools and skills that are...

Read More Read more about AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

• Uncategorized

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

The Hacker News March 17, 2026

North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a...

Read More Read more about Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

• Uncategorized

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The Hacker News March 17, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing...

Read More Read more about CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

• Uncategorized

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The Hacker News March 16, 2026

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub...

Read More Read more about GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More

• Uncategorized

⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More

The Hacker News March 16, 2026

Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah,...

Read More Read more about ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More

Why Security Validation Is Becoming Agentic

• Uncategorized

Why Security Validation Is Becoming Agentic

The Hacker News March 16, 2026

If you run security at any reasonably complex organization, your validation stack probably looks something like this:...

Read More Read more about Why Security Validation Is Becoming Agentic

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

• Uncategorized

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

The Hacker News March 16, 2026

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of...

Read More Read more about ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers