The Hacker News

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

April 24, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September... Read more »

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

April 24, 2026 add comment
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. “As... Read more »

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

April 23, 2026 add comment
Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took... Read more »

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

April 23, 2026 add comment
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data... Read more »

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

April 23, 2026 add comment
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed... Read more »

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

April 22, 2026 add comment
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector. “The backdoor communicates with a dynamic... Read more »

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

April 22, 2026 add comment
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The... Read more »

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

April 22, 2026 add comment
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida,... Read more »

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

April 22, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager,... Read more »

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

April 22, 2026 add comment
Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted... Read more »
Subscribe to our Newsletter