The Hacker News

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

March 9, 2026 add comment
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in... Read more »

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

March 9, 2026 add comment
The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering.... Read more »

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

March 9, 2026 add comment
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private... Read more »

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

March 9, 2026 add comment
Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the... Read more »

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

March 9, 2026 add comment
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability... Read more »

How to Protect Your SaaS from Bot Attacks with SafeLine WAF

March 9, 2026 add comment
Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions,... Read more »

⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More

March 9, 2026 add comment
This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different... Read more »

Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome

March 9, 2026 add comment
Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. “To ensure the scalability... Read more »

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

March 9, 2026 add comment
Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the... Read more »

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

March 9, 2026 add comment
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity,... Read more »
Subscribe to our Newsletter