The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...
Security Boulevard

FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access ...

Tudor's tactics: Pinpointing how his choices have made things worse

After Tottenham's Champions League collapse on Tuesday, the appointment of Igor Tudor and the tactics employed increasingly ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...
SecurityWeek

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.
The Caledonian-Record

Jozu Launches Agent Guard: AI Security That AI Agents Cannot Disable

Jozu, the AI assurance company behind KitOps, a CNCF project with more than 240,000 downloads, today announced the launch of ...
Infosecurity Magazine

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...
Daily Graphic

When oil routes burn

The global oil market is once again entering a period of turbulence, driven by escalating geopolitical tensions and ...
DataBreachToday

Breach Roundup: Russian State Actors Target Signal, WhatsApp

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress ...