The Hacker News

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

[email protected] The Hacker News April 8, 2026

Ravie LakshmananApr 07, 2026Vulnerability / Threat Intelligence A China-based threat actor known for deploying Medusa ransomware has been...

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

[email protected] The Hacker News April 8, 2026

Ravie LakshmananApr 07, 2026Artificial Intelligence / Vulnerability Threat actors are exploiting a maximum-severity security flaw in Flowise,...

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

[email protected] The Hacker News April 8, 2026

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel...

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

[email protected] The Hacker News April 8, 2026

Ravie LakshmananApr 06, 2026Malware / Threat Intelligence Threat actors likely associated with the Democratic People’s Republic of Korea...

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

[email protected] The Hacker News April 6, 2026

Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments,...

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 06, 2026Cybersecurity / Hacking This week had real hits. The key software got tampered with. Active bugs showed...

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

[email protected] The Hacker News April 6, 2026

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials...

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 06, 2026Ransomware / Endpoint Security Threat actors associated with Qilin and Warlock ransomware operations have been observed using the...

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 06, 2026Cybercrime / Financial Crime Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt)...

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

[email protected] The Hacker News April 6, 2026

Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination...