AI-augmented actor breached 600+ FortiGate devices in 55 countries using weak credentials and exposed ports, Amazon reports.

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

DOJ indicts two ex-Google engineers and a spouse for allegedly stealing Tensor trade secrets, sending hundreds of files to ...

PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based remote device control.

Massiv Android trojan hides in fake IPTV apps, enabling remote device control, credential theft, and fraudulent banking ...

FBI reports 1,900 ATM jackpotting cases since 2020, with $40.73M lost to Ploutus malware bypassing bank authorization.

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software ...

A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent information technology (IT) worker scheme.

Insurers tighten cyber underwriting as identity risks grow; breach costs hit $4.4M and MFA gaps affect payouts.

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

ZeroDayRAT is a cross-platform mobile spyware sold on Telegram that enables live surveillance, OTP theft, and financial data ...

The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment ...