.jpg)
Latest NEWS
Security Advisory
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats.
But behind every headline, there’s a quieter, better story.
It’s the story of leaders making tough calls under pressure, teams building smarter defenses, and security products that keep hunting threats 24/7 — even when it’s hard.
Most of the time, this work is
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
info@thehackernews.com (The Hacker News) [The Hacker News]
Crypto gang member gets 6.5 years for role in $230 million heist
A 20-year-old California man was sentenced to 78 months in prison for serving as a home invader and money launderer in a criminal ring that stole over $250 million in cryptocurrency. [...]
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
Sergiu Gatlan [BleepingComputer]
Why ransomware attacks succeed even when backups exist
Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. [...]
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
Sponsored by Acronis [BleepingComputer]
Critical vm2 sandbox bug lets attackers execute code on hosts
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
Bill Toulas [BleepingComputer]
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
Sergiu Gatlan [BleepingComputer]
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks.
"This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said.
The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October 2021
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
info@thehackernews.com (The Hacker News) [The Hacker News]
Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
Elizabeth Montalbano [darkreading]
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
Bad week.
Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like some tired guy with a Telegram account and too much free time. The worst part is how often this stuff
Thu May 07 2026 13:35:11 GMT+0000 (Coordinated Universal Time)
From:
info@thehackernews.com (The Hacker News) [The Hacker News]
