Author Archives: The Hacker News

Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges.
According to a new report published by Sentine… Continue reading Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evid… Continue reading CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRE… Continue reading FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches→

The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space ag… Continue reading NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software→

The AI Agent Authority Gap – From Ungoverned to Delegation
As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly.
The issue is not simply that agents are new a… Continue reading Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine→

Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025.
“Once launched, these apps redir… Continue reading 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases→

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunne… Continue reading Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2→

A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure.
The vulnerability, tracked as CVE-2026-33626 … Continue reading LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure→

A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts.
“As with many other intrusions in recent years, UNC669… Continue reading UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware→

Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket.
“The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was publi… Continue reading Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign→