The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...
Security Boulevard

Emulating the Persuasive NightSpire Ransomware

AttackIQ has released a new attack graph that emulates the behaviors of NightSpire Ransomware, a financially motivated ...

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.
The Hacker News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...
Bitdefender

AgingFly malware hits local authorities and hospitals in Ukraine

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.
Arabian Post

Fake Adobe Reader lure turns remote tool rogue

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
CSO Online

Another Microsoft Defender privilege escalation bug emerges days after patch

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...
Security Boulevard

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

Hiding in imposter sites, GitHub downloads, and YouTube links, this infostealer is designed to hijack accounts and drain ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Windows 11 is finally removing the 32GB FAT32 capacity limit

Windows 11 Insider builds now let you format drives up to 2TB in FAT32 via Command Prompt, ending a decades-old arbitrary ...