The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

April 22, 2026 add comment
Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted... Read more »

5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time

April 21, 2026 add comment
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service... Read more »

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

April 19, 2026 add comment
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it’s suspending operations after it blamed Western intelligence agencies for a $13.74 million hack.... Read more »

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

April 19, 2026 add comment
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate... Read more »

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

April 18, 2026 add comment
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON’s Haifei Li,... Read more »

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

April 18, 2026 add comment
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over... Read more »

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

April 18, 2026 add comment
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which... Read more »

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data

April 18, 2026 add comment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your... Read more »

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

April 18, 2026 add comment
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. “By... Read more »

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

April 17, 2026 add comment
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating... Read more »
Subscribe to our Newsletter