Whats The Hax?

2026: The Year of AI-Assisted Attacks 1h ago Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia 1h ago Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks 2h ago Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M 6h ago CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV 1d ago Trellix Confirms Source Code Breach With Unauthorized Repository Access 2d ago 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign 2d ago Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks 2d ago China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists 2d ago Top Five Sales Challenges Costing MSPs Cybersecurity Revenue 3d ago Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks 3d ago Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft 3d ago PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials 3d ago ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories 3d ago New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials 3d ago EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades 4d ago New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions 4d ago Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution 4d ago SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack 4d ago New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs 4d ago

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems 1h ago CISA has warned that threat actors have started exploiting the Microsoft confirms April Windows updates cause backup failures 1h ago Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. Instructure confirms data breach, ShinyHunters claims attack 13h ago Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha 17h ago Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. Telegram Mini Apps abused for crypto scams, Android malware delivery 21h ago Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram's Mini App feature to run crypto scams, impersonate well-known brands, and distribute Android malware. Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks 1d ago A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in ConsentFix v3 attacks target Azure with automated OAuth abuse 1d ago A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding automation and scaling potential. Microsoft tests modern Windows Run, says it's faster than legacy dialog 2d ago Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. Edu tech firm Instructure discloses cyber incident, probes impact 2d ago Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. 15-year-old detained over French govt agency data breach 2d ago French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country's agency for issuing and managing administrative documents. Story retracted 2d ago Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations 2d ago Microsoft fixes Remote Desktop warnings displaying incorrectly 2d ago Microsoft now lets admins choose pre-installed Store apps to uninstall 3d ago Windows 11 KB5083631 update released with 34 changes and fixes 3d ago

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins 1h ago OpenAI Rolls Out Advanced Security for ChatGPT Accounts 2h ago Over 40,000 Servers Compromised in Ongoing cPanel Exploitation 3h ago Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats 5h ago US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems 19h ago New Bluekit Phishing Kit Features AI Assistant 2d ago In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability 2d ago Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge 2d ago Two US Security Experts Sentenced to Prison for Helping Ransomware Gang 3d ago Sophisticated Deep#Door Backdoor Enables Espionage, Disruption 3d ago

Disneyland Now Uses Face Recognition on Visitors 2d ago Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers 2d ago OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts 3d ago 90,000 Screenshots of One Celebrity's Phone Were Exposed Online 4d ago Why Sharing a Screenshot Can Get You Jailed in the UAE 5d ago The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards 5d ago Cole Allen Charged With Attempting to Assassinate Trump 6d ago California Engineer Identified in Suspected Shooting at White House Correspondents’ Dinner 8d ago Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos 9d ago The Latest Push to Extend Key US Spy Powers Is Still a Mess 9d ago Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet 10d ago AI Tools Are Helping Mediocre North Korean Hackers Steal Millions 11d ago Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox 12d ago Meta Is Sued Over Scam Ads on Facebook and Instagram 12d ago They Built a Legendary Privacy Tool. Now They’re Sworn Enemies 13d ago The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad 14d ago It Takes 2 Minutes to Hack the EU’s New Age-Verification App 16d ago Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance 16d ago The Shocking Secrets of Madison Square Garden’s Surveillance Machine 17d ago Europe’s Online Age Verification App Is Here 17d ago

76% of All Crypto Stolen in 2026 Is Now in North Korea 2d ago If AI's So Smart, Why Does It Keep Deleting Production Databases? 2d ago Name That Toon: Mark of (Security) Progress 3d ago 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage 3d ago TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack 3d ago Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug 3d ago Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber 3d ago Oracle Red Bull Racing Team Revs Up Automation to Boost Security 3d ago Claude Mythos Fears Startle Japan's Financial Services Sector 4d ago Reverse Engineering With AI Unearths High-Severity GitHub Bug 4d ago AI Finds 38 Security Flaws in Electronic Health Record Platform 4d ago Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error 4d ago Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities 4d ago BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures 5d ago NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later 5d ago Feuding Ransomware Groups Leak Each Other's Data 5d ago Vidar Rises to Top of Chaotic Infostealer Market 5d ago Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain 5d ago UNC6692 Combines Social Engineering, Malware, Cloud Abuse 6d ago Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation 6d ago

Senate Judiciary advances bill that would bar minors from interacting with AI companions 2d ago Federal agencies must patch cPanel bug by Sunday, CISA says 2d ago Cyber incident responders who carried out ransomware attacks given 4-year sentences 2d ago British cyber agency warns of looming ‘patch wave’ as AI speeds flaw discovery 2d ago Cyber spies target Russian aviation firms to steal satellite and GPS data 2d ago

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs 3d ago A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazi... ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty 12d ago A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phish... Patch Tuesday, April 2026 Edition 19d ago Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dub... Russia Hacked Routers to Steal Microsoft Office Tokens 26d ago Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backe... Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab 28d ago An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gang... ‘CanisterWorm’ Springs Wiper Attack Targeting Iran 41d ago A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or ha... Feds Disrupt IoT Botnets Behind Huge DDoS Attacks 45d ago The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as ro... Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker 53d ago A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub out... Microsoft Patch Tuesday, March 2026 Edition 54d ago Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usu... How AI Assistants are Moving the Security Goalposts 56d ago AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-r...