[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It) TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz and Okta/GitLab to learn how... 2026-5-13 11:52:43 | 阅读: 31 | 收藏 | The Hacker News - thehackernews.com cloud toast briefing lethal okta

Most Remediation Programs Never Confirm the Fix Actually Worked Cloud Security / AutomationSecurity teams have never had better visibility into their environments... 2026-5-13 11:30:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com security exposure validated consolidate

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfo... 2026-5-13 10:36:10 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com attacker 2026 microsoft network security

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data Software Supply Chain / Data ExfiltrationCybersecurity researchers are calling attention to a new... 2026-5-13 08:8:54 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com rubygems gem scraped gems council

Android Adds Intrusion Logging for Sophisticated Spyware Forensics Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forens... 2026-5-13 06:55:42 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com security decrypted expanding chrome

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Vulnerability / Email SecurityExim has released security updates to address a severe security issu... 2026-5-12 16:44:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com exim bdat security corruption xbow

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded Supply Chain Attack / Software SecurityRubyGems, the standard package manager for the Ruby program... 2026-5-12 14:47:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com software rubygems malicious temporarily paused

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Malware / Mobile SecurityCybersecurity researchers have flagged a new version of the TrickMo Andro... 2026-5-12 12:50:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com network trickmo ton proxy

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help Threat Detection / AI SecurityWhy do the Riskiest SOC Alerts Go Unanswered?Security operations te... 2026-5-12 11:58:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com security radiant triage gap webinar

Why Agentic AI Is Security's Next Blind Spot Agentic AI is already running in production environments across many organizations today. It is exe... 2026-5-12 10:30:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com security agents agentic

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages Supply Chain Attack / MalwareTeamPCP, the threat actor behind the recent supply chain attack spree... 2026-5-12 08:50:0 | 阅读: 49 | 收藏 | The Hacker News - thehackernews.com github tanstack pypi malicious squawk

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak Vulnerability / Network SecurityAmerican educational technology company Instructure, the parent co... 2026-5-12 07:37:0 | 阅读: 39 | 收藏 | The Hacker News - thehackernews.com instructure extortion agreement parents

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation Vulnerability / AI SecurityOpenAI has launched Daybreak, a new cybersecurity initiative that bring... 2026-5-12 06:55:0 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com security openai codex gpt daybreak

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android Encryption / Mobile SecurityApple on Monday officially released iOS 26.5 with support for end-to-e... 2026-5-12 05:18:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com rcs e2ee gsma encryption

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack Supply Chain Attack / DevSecOpsCheckmarx has confirmed that a modified version of the Jenkins AST... 2026-5-11 18:30:0 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com checkmarx teampcp jenkins github repository

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor Vulnerability / RansomwareA threat actor named Mr_Rot13 has been attributed to the exploitation of... 2026-5-11 17:54:0 | 阅读: 27 | 收藏 | The Hacker News - thehackernews.com xlab cpanel remote rot13 php

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that... 2026-5-11 15:45:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com gemini malicious promptspy llm gtig

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More Rough Monday.Somebody poisoned a trusted download again, somebody else turned cloud servers into... 2026-5-11 12:36:0 | 阅读: 46 | 收藏 | The Hacker News - thehackernews.com 2026 security malicious attackers clickfix

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a... 2026-5-11 11:30:0 | 阅读: 41 | 收藏 | The Hacker News - thehackernews.com purple teaming autonomous attacker security

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads Supply Chain Attack / Threat IntelligenceA malicious Hugging Face repository managed to take a spo... 2026-5-11 07:5:0 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com windows anthfu malicious repository powershell