The Hacker News

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

Latest cybersecurity threats, malware campaigns, research findings, and key security developments from this week’s ThreatsDay Bulletin.
The Hacker News

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...
The Hacker News

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

Cisco warns CVE-2026-20122 and CVE-2026-20128 in Catalyst SD-WAN Manager are actively exploited; patches released across ...
The Hacker News

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

Researchers uncover APT28-linked phishing attacks against Ukrainian targets deploying BadPaw loader and MeowMeow backdoor for ...
The Hacker News

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.
The Hacker News

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

Harvest-now-decrypt-later threats push organizations toward hybrid cryptography and ML-KEM as quantum risks grow. Learn strategies in a webinar.
The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
The Hacker News

FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials

Authorities dismantled LeakBase, a cybercrime forum with 142,000 members trading stolen credentials and financial data in a global crackdown.