All Recent Posts

Internet Security

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

April 18, 2026 add comment
Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU,... Read more »
The Hacker News

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

April 18, 2026 add comment
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which... Read more »
The Hacker News

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data

April 18, 2026 add comment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your... Read more »
Internet Security

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

April 18, 2026 add comment
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that... Read more »

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

April 18, 2026 add comment
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the... Read more »
Internet Security

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

April 18, 2026 add comment
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher... Read more »
The Hacker News

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

April 18, 2026 add comment
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. “By... Read more »

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

April 17, 2026 add comment
You know that feeling when you open your feed on a Thursday morning and it’s just… a lot? Yeah. This week delivered. We’ve got hackers getting creative in ways that are almost... Read more »

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

April 17, 2026 add comment
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000... Read more »
Internet Security

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence

April 17, 2026 add comment
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a... Read more »
Subscribe to our Newsletter