The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

In A.I. Blunder, More Than 34,000 Instagram Accounts Were Attacked

The flaw, which Meta said it had fixed, allowed anyone to take over accounts using a bug in the company’s new artificial ...

Critical Copilot vulnerability allowed hackers to seal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft ...
The Hacker News

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering ...
SecurityWeek

Infostealers Turn Millions of Devices Into Credential Theft Machines

Modern infostealers don't just steal passwords—they harvest the digital identities and context that enable attackers to blend ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...