CISA adds Hikvision flaw CVE-2017-7921 and Rockwell Automation CVE-2021-22681 to KEV, urging agencies to patch by March 26, 2026.

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

Cisco warns CVE-2026-20122 and CVE-2026-20128 in Catalyst SD-WAN Manager are actively exploited; patches released across ...

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...

Latest cybersecurity threats, malware campaigns, research findings, and key security developments from this week’s ThreatsDay Bulletin.

Researchers uncover APT28-linked phishing attacks against Ukrainian targets deploying BadPaw loader and MeowMeow backdoor for remote system control.

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

Harvest-now-decrypt-later threats push organizations toward hybrid cryptography and ML-KEM as quantum risks grow. Learn strategies in a webinar.

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

Authorities dismantled LeakBase, a cybercrime forum with 142,000 members trading stolen credentials and financial data in a global crackdown.

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...