The Hacker News

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis CVE-2026-23479 enables authenticated RCE; affecting versions since 7.2.0, patched May 5 to reduce exploitation risk.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Cryptopolitan on MSN

North Korea’s Lazarus turns to fileless malware in new crypto attacks

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and ...
ESPN

Knicks flip script, exploit James Harden to spark Game 1 rally

NEW YORK -- It wasn't quite a matter of pettiness, but the Knicks found their idea for an improbable comeback thanks to the Cavaliers trying to exploit Jalen Brunson on defense. Trailing by 22 points ...
decrypt

Bitcoin DeFi Platform Echo Protocol Hit By $76M Monad Exploit

Add Decrypt as your preferred source to see more of our stories on Google. Attackers minted 1,000 eBTC on Echo Protocol’s Monad blockchain deployment before borrowing and moving funds across chains.
Bleeping Computer

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged ...
Ars Technica

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...
Ripple

Wasabi Protocol Hack: Over $5 M Lost to Admin Key Breach

Wasabi Protocol lost $5.5M after an admin key was compromised. Here’s how one wallet drained millions across four chains in minutes. Wasabi Protocol suffered a major security breach on April 30, 2025.
financefeeds

Wasabi Protocol Hack Drains $5 Million via Compromised Admin Key

How did the Wasabi Protocol exploit unfold? Decentralized derivatives platform Wasabi Protocol has been exploited for more than $5 million in a coordinated attack spanning multiple blockchain networks ...
Infosecurity-magazine.com

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

A newly identified malware campaign has been observed exploiting a command injection flaw in digital video recorder (DVR) devices to deploy a Mirai-based botnet, according to analysis by FortiGuard ...
CoinDesk

Audit admin keys, not just code, expert says after $200 million Drift exploit

Programmable blockchain Solana's SOL token has hit five-week lows after an exploit at one of its largest perpetual decentralized exchange, Drift, underscored that security risks go beyond just smart ...