The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...

CISA orders feds to patch Fortinet flaw exploited in attacks by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise ...
SecurityWeek

Guardarian Users Targeted With Malicious Strapi NPM Packages

A threat actor has used 36 malicious NPM packages posing as Strapi plugins to distribute malware targeting Redis, Docker, and ...
TechRepublic

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice Your email has been sent Google’s AI agent Big Sleep identified the critical vulnerability CVE-2025-6965 before cybercriminals could ...