The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

February 11, 2026 add comment
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally... Read more »

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

February 10, 2026 add comment
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence... Read more »

When Cloud Outages Ripple Across the Internet

February 5, 2026 add comment
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down... Read more »

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

February 5, 2026 add comment
Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development... Read more »

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

January 30, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.... Read more »

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

January 29, 2026 add comment
As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial... Read more »

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

January 29, 2026 add comment
A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency... Read more »

CTEM in Practice: Prioritization, Validation, and Outcomes That Matter

January 29, 2026 add comment
Cybersecurity teams increasingly want to move beyond looking at threats and vulnerabilities in isolation. It’s not only about what could go wrong (vulnerabilities) or who might attack (threats), but... Read more »

From Triage to Threat Hunts: How AI Accelerates SecOps

January 29, 2026 add comment
If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the “Autonomous... Read more »

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

January 28, 2026 add comment
Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an information stealer called Amatera.... Read more »
Subscribe to our Newsletter