Author Archives: The Hacker News

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector.
“The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and … Continue reading Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles→

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.
“Sandbox escape vulnera… Continue reading Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape→

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC.
According to new research published by Check Point, the command-and-control (C2 or C&amp… Continue reading SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation→

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them.
The vulnerabilities hav… Continue reading 22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters→

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023.
Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware sta… Continue reading Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023→

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage. 
The root… Continue reading 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time→

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials… Continue reading No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks→

Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate.
“The threat actors took the app, which is used … Continue reading NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs→

Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution.
The flaw, since patched, combines Antigravity’s permitted file-creat… Continue reading Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active ex… Continue reading CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines→