The Hacker News

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent ...
Cybernews

Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files ...
Decrypt

North Korean Hackers Spent Six Months Infiltrating Drift Before $285M Exploit

Drift Protocol said the attackers posed as traders, met contributors in person, and spent months infiltrating before draining the platform.
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
Abu Dhabi News

Hackers Exploit Six Zero-Day Windows Flaws in Coordinated Attacks

IT administrators have learned to fear a certain type of Tuesday, and February 11 was one of those days. This time, Microsoft ...
SecurityWeek

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

Hackers have been targeting a critical file upload flaw in an addon for the Ninja Forms WordPress plugin that leads to remote ...