The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

• Uncategorized

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

The Hacker News February 25, 2026

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers...

Read More Read more about Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Manual Processes Are Putting National Security at Risk

• Uncategorized

Manual Processes Are Putting National Security at Risk

The Hacker News February 25, 2026

Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still...

Read More Read more about Manual Processes Are Putting National Security at Risk

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

• Uncategorized

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

The Hacker News February 25, 2026

A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to...

Read More Read more about Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

• Uncategorized

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

The Hacker News February 25, 2026

SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that,...

Read More Read more about SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

• Uncategorized

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The Hacker News February 25, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen...

Read More Read more about CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

• Uncategorized

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

The Hacker News February 24, 2026

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories...

Read More Read more about RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

• Uncategorized

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

The Hacker News February 24, 2026

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social...

Read More Read more about UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

• Uncategorized

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

The Hacker News February 24, 2026

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what...

Read More Read more about Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

• Uncategorized

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

The Hacker News February 24, 2026

The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in...

Read More Read more about Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

• Uncategorized

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

The Hacker News February 24, 2026

The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan,...

Read More Read more about UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors