The Hacker News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that ...
The Hacker News

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

UAT-8302 targets governments since 2024 using shared China-linked malware, enabling persistent access and cross-group cyber ...