News

The Hacker News5h
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.
The Hacker News17h
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.
The Hacker News22h
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
The Hacker News23h
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
The Hacker News13h
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...