Author Archives: The Hacker News

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully pat… Continue reading MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems→

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck.
The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buff… Continue reading NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE→

Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s GitHub environment and download its codebase.

“Our investigation has determined that no customer data or personal information … Continue reading Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt→

A critical security vulnerability impacting the
Funnel Builder
plugin for WordPress has come under active exploitation in the wild to
inject malicious JavaScript code
into WooCommerce checkout pages with the goal of stealing payment data.

… Continue reading Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming→

The Russian state-sponsored hacking group known as

Turla

has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts.

Turla, per the U.S. … Continue reading Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access→

Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence.

The vulnerabilities, collectively dubbed

Claw Chain

by Cyera, can perm… Continue reading Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence→

In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil,… Continue reading What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface→

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modi… Continue reading TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates→

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a s… Continue reading On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email→

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Bran… Continue reading CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits→