A glossary of key internet terms every user should know to protect themselves from scams, phishing, malware, and other digital threats.

To stop children from bypassing its age checks, Meta is revamping its age-verification tools with an AI system that analyzes images and videos for “visual cues,” such as height and bone structure.

Cuts appear to hit sales, product, and marketing, accounting for under 10% of staff

13% say they’ve sold logins or know someone who has, survey suggests

The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks. The post A critical Palo Alto PAN-OS zero-day is being exploited in the wild...

Cisco security advisory (AV26-430)

The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false...

A vulnerability has been discovered in the PAN-OS Authentication Portal (aka Captive Portal) service that could allow for remote code execution. PAN-OS is the operating system that runs Palo Alto...

MOIS-linked cyber outfit puts on a ransomware show to disguise the wide-open backdoor behind the scenes

A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPress websites. [...]

For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats. But behind every headline, there’s a quieter, better story....

WatchGuard security advisory (AV26-428)

Samsung mobile security advisory (AV26-429)

Signal Chief Technology Officer Ehren Kret says secure messaging is best understood as a powerful tool against mass surveillance, not a guarantee that every private conversation is protected from...

Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian...

It's not just you. Hackers and other cybercriminals are complaining about “AI shit” flooding platforms where they discuss cyberattacks and other illegal activity.

A vulnerability has been discovered in Apache HTTP Server with the HTTP/2 protocol that could allow for remote code execution. Apache is a free, open-source web server software that enables the...

What usage patterns, plugin adoption, and configuration choices reveal about the Jenkins attack surface.

Activists say ministers are targeting access rather than Big Tech's data-hungry business models

Three days into the Iran war, Iran’s Islamic Revolutionary Guard Corps said the quiet part out loud: The Revolutionary Guard’s Qods Force has long carried out plots around the world and now...

On March 5, as the U.S. and Israeli militaries hammered Iranian targets and Tehran launched attacks at Tel Aviv and Gulf countries that host American bases, an email blast emanated from a server...

Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]

The Department of Homeland Security has fallen short of compliance requirements and existing standards when it comes to managing, securing and deploying mobile devices within its CIO and...

The Cybersecurity and Infrastructure Security Agency – fresh out of the longest shutdown in government history and ready to begin hiring again after shedding staff for the past year – is out with...

The U.S. Commerce Department’s national standards agency will run tests on new artificial intelligence models from Google, Microsoft and Elon Musk’s xAI before they are released, in a step toward...

In early 2026, a sophisticated intrusion initially appearing to be a standard Chaos ransomware attack was assessed to be consistent with a targeted state-sponsored operation. While the threat...

Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. [...]

Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of...

Broadcom VMware security advisory (AV26-427)