The Hacker News

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

April 19, 2026 add comment
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate... Read more »

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

April 18, 2026 add comment
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON’s Haifei Li,... Read more »

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

April 18, 2026 add comment
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over... Read more »

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

April 18, 2026 add comment
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which... Read more »

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data

April 18, 2026 add comment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your... Read more »

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

April 18, 2026 add comment
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. “By... Read more »

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

April 17, 2026 add comment
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating... Read more »

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

April 16, 2026 add comment
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable... Read more »

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

April 16, 2026 add comment
Cybersecurity researchers have warned of an active malicious campaign that’s targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. “PowMix employs... Read more »

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams

April 16, 2026 add comment
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that’s specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos. “The... Read more »
Subscribe to our Newsletter