NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE Server Security / VulnerabilityA newly disclosed security flaw impacting NGINX Plus and NGINX Open... 2026-5-17 11:57:53 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com security vulncheck 2026 remote opendcim

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability t... 2026-5-17 07:13:33 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com extortion reveal

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming Vulnerability / Website Security A critical security vulnerability impacting the Funnel Buil... 2026-5-16 15:20:48 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com attacker funnel security sansec attackers

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access Botnet / Threat Intelligence The Russian state-sponsored hacking group known as Turla... 2026-5-15 17:10:25 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com kazuar c2 blizzard microsoft windows

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence Vulnerability / AI SecurityCybersecurity researchers have disclosed a set of four security flaws i... 2026-5-15 13:35:4 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com 2026 openclaw bypass 44112 plant

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface Endpoint Security / Threat DetectionIn Your Biggest Security Risk Isn't Malware — It's What You Al... 2026-5-15 11:0:0 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com reduction attackers bitdefender security living

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates OpenAI has disclosed that two of its employee devices in its corporate environment were impacted vi... 2026-5-15 10:54:44 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com openai teampcp c2 rotated tanstack

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email Microsoft / VulnerabilityMicrosoft has disclosed a new security vulnerability impacting on-premise... 2026-5-15 06:19:4 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com exchange microsoft 42897 eomt emergency

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits Vulnerability / Credential TheftThe U.S.Cybersecurity and Infrastructure Security Agency (CISA) on... 2026-5-15 05:28:3 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com 2026 deploys 8616 uat

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access Vulnerability / Network SecurityCisco has released updates to address a maximum-severity authentic... 2026-5-14 17:45:20 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com 2026 bypass catalyst attacker

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets Cybersecurity researchers are sounding the alarm about what has been described as "malicious activi... 2026-5-14 17:22:43 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com malicious payload c2 maintainer

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories Everything is still on fire.This week feels dumb in the worst way — bad links, weak checks, fake hel... 2026-5-14 16:7:46 | 阅读: 22 | 收藏 | The Hacker News - thehackernews.com python remote ransomware malicious attackers

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks... 2026-5-14 14:0:37 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com phishing ukraine lure bo

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure Vulnerability / API SecurityThreat actors have been observed attempting to exploit a recently disc... 2026-5-14 11:40:14 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com agents praisonai 2026 security sysdig

How AI Hallucinations Are Creating Real Security Risks AI hallucinations are introducing serious security risks into critical infrastructure decision-maki... 2026-5-14 11:30:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com security incorrect threats fabricated

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has re... 2026-5-14 09:25:50 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com bitlocker windows microsoft security wim

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation... 2026-5-14 07:6:15 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com dirty frag xfrm v12

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE Vulnerability / Web ServerCybersecurity researchers have disclosed multiple security vulnerabiliti... 2026-5-14 06:0:9 | 阅读: 40 | 收藏 | The Hacker News - thehackernews.com attacker remote ngx 2026 directive

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday Vulnerability / Artificial IntelligenceMicrosoft has unveiled a new multi-model artificial intelli... 2026-5-13 13:46:2 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com mdash agents windows agentic

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation Cyber Espionage / MalwareA threat actor with affiliations to China has been linked to a "multi-wav... 2026-5-13 13:0:0 | 阅读: 39 | 收藏 | The Hacker News - thehackernews.com deed 2026 terndoor loader bitdefender