The Hacker News

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.
The Hacker News

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
CDOTrends

The AI That Hacks Back

Anthropic’s newest frontier model — still not publicly available and still technically a “preview” — is the most ...
Homeland Security Today

Two U.S. Nationals Sentenced for Operating Fake Remote Worker Laptop Farms for North Korea

The Justice Department has announced the sentencings of two U.S. nationals, Kejia Wang, 42, and Zhenxing Wang, 39, for their ...

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

Israel lays siege to Hezbollah stronghold in southern Lebanon

Israel is poised to capture a Hezbollah stronghold where one of the terror group’s former leaders predicted the destruction ...

The mysterious media moguls behind London’s pink slime propaganda machine

The London Post is run by 2Trom Media Group, incorporated in 2018. It operates a raft of news and entertainment websites, ...

Claude Mythos can hack anything, Anthropic says. Should we believe them?

Antrophic says its newest model found vulnerabilities in every major operating system and browser—and wrote exploits for them ...