Skip to content
The Nexus
Source profile

The Hacker News

430 articles tracked since Apr 8 · 13:50 UTC. 25 in the last 7 days, 102 in the last 30.

Total
430
Last 7 days
25
Last 30 days
102
Last seen
Jul 9 · 07:21 UTC

Top coverage areas

security415technology14business1

Most-mentioned entities

Aggregated across the most recent 200 articles from The Hacker News.

Recent articles

Last 20
  1. technology2026-07-09
    Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images

    Meta's new AI image tool, Muse Image, allows users to generate AI content using public Instagram posts and reels. The tool is enabled by default and lets users @-mention Instagram accounts to incorporate specific profiles into AI-generated images.

  2. security2026-07-09
    Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

    AI coding agents like Anthropic's Claude Code and OpenAI's Codex can be tricked into executing malicious code instead of analyzing it, as demonstrated by a proof-of-concept attack called 'Friendly Fire' from the AI Now Institute.

  3. security2026-07-09
    GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

    Researchers at Wiz discovered a vulnerability in six AI coding assistants that allows malicious code repositories to execute unauthorized code by exploiting a symlink flaw. The affected tools include Amazon Q Developer, Anthropic's Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.

  4. security2026-07-09
    Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

    Cybersecurity researchers identified a threat actor named Lurking Lizard using fake 7-Zip installers to operate a malicious residential proxy network via over 230 lookalike domains. The campaign, active since at least August 2022, was tracked by DNS threat intelligence firm Infoblox.

  5. security2026-07-08
    GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

    Research reveals that GitHub's 'Verified' commits can be altered to create new hashes with identical files, author, and date while maintaining valid signatures. This undermines the assumption that a commit's hash is unique, as GitHub still verifies the altered commit despite the hash change.

  6. security2026-07-08
    15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

    Researchers at Nebula Security disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw enabling any logged-in user to gain root control on unpatched systems. The vulnerability has existed in default code across most mainstream Linux distributions since 2011 and requires no special permissions or network access.

  7. security2026-07-08
    CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

    CISA added four actively exploited vulnerabilities to its KEV catalog, including a critical path traversal flaw in Adobe ColdFusion (CVE-2026-48282) that could enable arbitrary code execution. The other flaws affect Joomla and Langflow, with all vulnerabilities being actively exploited.

  8. security2026-07-07
    Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker

    U.S. prosecutors used a persistent Windows device ID to link an alleged Scattered Spider hacker to a May 2025 intrusion at a luxury jewelry retailer. Microsoft records connected the ID to an account used during the attack and to online accounts tied to 19-year-old Peter Stokes.

  9. security2026-07-07
    Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants

    Cybersecurity researchers disclosed a critical session isolation vulnerability in Writer AI, an enterprise generative AI platform, which could enable cross-tenant compromise. The flaw, named WriteOut by Sand Security Research, allowed unauthorized access to session tokens.

  10. security2026-07-07
    BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

    BeyondTrust has released updates to address two critical security flaws in its Remote Support and Privileged Remote Access (PRA) products. The vulnerabilities could allow unauthenticated attackers to take control of affected devices, with one flaw (CVE-2026-40138) having a CVSS score of 9.2.

  11. security2026-07-06
    Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

    An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) is using a new modular command-and-control framework called Cavern (Cav3rn) to target Israeli organizations. Check Point Research has attributed this activity to a threat cluster, primarily focusing on IT providers and government sectors.

  12. security2026-07-06
    New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

    Researchers at Shandong University have developed a method called TrojPix to extract data from air-gapped systems by manipulating on-screen pixels to generate undetectable radio signals through video cables. The technique requires existing malware on the target machine to function.

  13. security2026-07-06
    New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

    Cybersecurity researchers have identified QuimaRAT, a Java-based remote access trojan (RAT) capable of targeting Windows, Linux, and macOS systems. The malware is offered as a malware-as-a-service (MaaS) model with subscription tiers ranging from $150 per month to $1,200 for lifetime access.

  14. security2026-07-06
    Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

    Researchers discovered a flaw in Opera GX that allowed malicious websites to silently install browser add-ons to steal data from visited pages. A proof of concept demonstrated extracting a user's Gmail address from a single visit without user interaction. Opera has patched the vulnerability and found no evidence of exploitation.

  15. security2026-07-06
    SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

    A study by researchers at the Hong Kong University of Science and Technology reveals that malicious AI agent skills can evade static scanners using a technique called SkillCloak, which employs self-extracting packing. The method bypassed tested scanners over 90% of the time, while the team also developed a runtime checker to detect most of the malware.

  16. security2026-07-04
    North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

    North Korean threat actors have published 108 malicious packages and web browser extensions across npm, Packagist, Go, and Google Chrome as part of the PolinRider campaign. The campaign remains active, with new malicious packages likely to continue appearing.

  17. security2026-07-03
    New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

    A new Linux kernel vulnerability, Bad Epoll (CVE-2026-46242), allows unprivileged users to gain root access on Linux desktops, servers, and Android devices. A fix is available, and the flaw exists in the same kernel code area where an AI model previously found another bug.

  18. security2026-07-03
    New Avalon Malware Framework Packs CrownX Ransomware Capabilities

    Cybersecurity researchers discovered a new modular malware framework named Avalon, which uses a multi-stage phishing chain to bypass security controls. Avalon integrates credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, combining diverse functions under one framework.

  19. security2026-07-03
    North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

    Threat actors linked to North Korea have created malicious npm packages named 'rollup-packages-polyfill-core' and 'rollup-runtime-polyfill-core' that mimic the legitimate 'rollup-plugin-polyfill-node' project to steal developer secrets. JFrog identified these packages as part of a scheme to facilitate remote access and data theft.

  20. security2026-07-03
    European Parliament Member Investigating Spyware Was Hacked With Pegasus

    A European Parliament member was hacked with Pegasus spyware while investigating the abuse of commercial surveillance tools. Forensic analysis confirmed attackers accessed his device.

The Nexus tracks 230+ news outlets plus 48 government data feeds. View the full source index or read today’s briefing for synthesis across all of them.