The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

The Hacker News June 11, 2026

It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy...

Read More Read more about ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.

AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.

The Hacker News June 11, 2026

For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found...

Read More Read more about AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Hacker News June 11, 2026

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic...

Read More Read more about OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

The Hacker News June 11, 2026

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which...

Read More Read more about GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

The Hacker News June 10, 2026

Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus...

Read More Read more about China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

The Hacker News June 10, 2026

Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result...

Read More Read more about Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

The Hacker News June 10, 2026

A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications,...

Read More Read more about Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

The Hacker News June 10, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known...

Read More Read more about CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

The Hacker News June 10, 2026

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new...

Read More Read more about Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

The Hacker News June 10, 2026

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three...

Read More Read more about Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs