Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem AI-generated lookalike domains are now embedded inside the third-party scripts running on your web... 2026-5-20 10:30:0 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com malicious chrome silently behavioral approved

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit Vulnerability / EncryptionMicrosoft on Tuesday released a mitigation for a BitLocker bypass vulner... 2026-5-20 08:28:26 | 阅读: 44 | 收藏 | The Hacker News - thehackernews.com windows bitlocker tpm winre yellowkey

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack Supply Chain Attack / Cloud SecurityGrafana Labs, on May 19, 2026, said an investigation into its... 2026-5-20 05:12:6 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com github 2026 cloud extortion teampcp

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after th... 2026-5-20 04:1:15 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com github payload teampcp propagates attacker

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps Malvertising / Mobile SecurityCybersecurity researchers have disclosed details of a new ad fraud a... 2026-5-19 16:38:12 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com trapdoor malicious owned stage

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in t... 2026-5-19 14:56:26 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com 2026 security upstream rxgk killswitch

The New Phishing Click: How OAuth Consent Bypasses MFA In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five... 2026-5-19 11:30:0 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com phishing grants security bridges scoped

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Vulnerability / Website SecurityDrupal has issued an alert stating that it intends to release a "c... 2026-5-19 10:44:45 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com drupal security addressed advised exclusive

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Vulnerability / Email SecurityCritical security vulnerabilities have been disclosed in SEPPMail Se... 2026-5-19 09:23:15 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com 2026 remote seppmail attackers appliance

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Supply Chain Attack / Developer SecurityCybersecurity researchers have flagged a compromised versi... 2026-5-19 07:49:23 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com nx developer github malicious stealer

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials Software Security / MalwareIn yet another software supply chain attack, threat actors have comprom... 2026-5-19 05:28:6 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com github malicious software runner imposter

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has co... 2026-5-19 04:54:17 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com antv github shai hulud payload

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North... 2026-5-18 17:21:18 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com phishing sentencing interpol arrests conspiracy

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More Monday opens with a trust problem. A mail server flaw is under active use. A network control syste... 2026-5-18 13:50:17 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com 2026 software security microsoft windows

How to Reduce Phishing Exposure Before It Turns into Business Disruption What happens when a phishing email looks clean enough to pass through security, but dangerous eno... 2026-5-18 13:0:0 | 阅读: 40 | 收藏 | The Hacker News - thehackernews.com phishing exposure security analysis uncertainty

Developer Workstations Are Now Part of the Software Supply Chain Supply chain attackers are not only trying to slip malicious code into trusted software. They are t... 2026-5-18 11:23:41 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com developer software cloud security workstation

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws Vulnerability / Software SecurityIvanti, Fortinet, n8n, SAP, and VMware have released security fix... 2026-5-18 10:54:5 | 阅读: 50 | 收藏 | The Hacker News - thehackernews.com 2026 n8n attacker remote

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware Supply Chain Attack / BotnetCybersecurity researchers have discovered four new npm packages contai... 2026-5-18 08:57:26 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com hulud shai security tempalte github

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations Industrial Sabotage / MalwareA new analysis of the Lua-based fast16 malware has confirmed that it... 2026-5-18 06:46:37 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com fast16 simulation sabotage stuxnet simulations

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and... 2026-5-18 04:59:21 | 阅读: 20 | 收藏 | The Hacker News - thehackernews.com windows microsoft pointed security eclipse