READ

PUBLISH

My news Find Feeds Delivery settings Plans My earnings

Follow us on X (twitter)
Follow us on Facebook

Login

Find more feeds

The Hacker News

Follow The Hacker News's news and updates in a matter of seconds! We will deliver any update via email, phone or you can read them from here on the site on your own news page.

You can even combine different feeds with the feed for The Hacker News.

Subscribing and unsubscribing is fast, easy and risk free.

The whole service is free of cost.

The Hacker News: The Hacker News | #1 Trusted Cybersecurity News Site

Is this your feed? Claim it!

Publisher: Unclaimed!

Message frequency: 33.34 / week

Tags:

Message History

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware7 hours ago

Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts. The extension, named "ClawdBot Agent - AI Coding Assistant" ("clawdbot.c...

Read full story

Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid9 hours ago

The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting dis...

Read full story

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution11 hours ago

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. "In vm2 for version 3.10.0, Promise.prototype.then Promise.p...

Read full story

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution13 hours ago

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below - CVE-2026-1470 (CVSS score: 9.9) - An eval injection vulnerability that could allow an authenticated user to bypass...

Read full story

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks13 hours ago

Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against government...

Read full story

Login to follow.it

Keep me logged in

Forgot password?

Or:

Forgot password?

Do you want to sign up?