The Hacker News

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

March 11, 2026 add comment
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send... Read more »

New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

March 11, 2026 add comment
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims’ databases and exfiltrate sensitive data within... Read more »

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

March 10, 2026 add comment
Salesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of... Read more »

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

March 9, 2026 add comment
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary... Read more »

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

March 9, 2026 add comment
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation,... Read more »

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories

March 9, 2026 add comment
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update.... Read more »

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

March 9, 2026 add comment
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts. “Instead of... Read more »

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

March 9, 2026 add comment
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT). “A malicious downloader... Read more »

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

March 9, 2026 add comment
Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go... Read more »

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

March 9, 2026 add comment
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in... Read more »
Subscribe to our Newsletter