The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
The Hacker News

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Iran and its allies are committing epic financial fraud in America. I watch it happen every day

State actors from Iran, North Korea, Russia and China run coordinated financial fraud operations inside the U.S. system using ...
Security Boulevard

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...
Windows Report

Hackers Abuse Microsoft Teams to Deploy Snow Malware and Steal Domain Credentials

Attackers exploit Microsoft Teams and Snow malware to steal credentials and take over enterprise networks through social ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...