The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation.

Warning: Your AI-Generated Password Is a Major Security Risk. Here’s What to Use Instead

Having trouble coming up with good passwords? Don't rely on AI. Here's why.

The New Turing Test: How Threats Use Geometry to Prove 'Humanness'

Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, ...

Security News This Week: A Hacker Accidentally Broke Into the FBI’s Epstein Files

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more.

Salt Typhoon is hacking the world’s phone and internet giants. Here’s everywhere that’s been hit.

Salt Typhoon is by far one of the most prolific hacking groups in recent years, breaching some of the top American phone ...
PCMag on MSN

Fake Apps, Fraudulent Emails, and Very Real Hackers: Another Week in the Infosec Trenches

This week saw attacks on Claude Code users, LastPass users, Starlink users, and, perhaps worst of all, people who needed an ambulance. Add a dash of AI hacking, and you have another wild week in ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.