The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...
Tom's Hardware on MSN

Microsoft's bug-hunting nemesis extends vendetta with more zero-day attacks

Nightmare-Eclipse's vendetta against Microsoft and Windows continues apace — researcher publishes RoguePlanet and GreatXML ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...
Crowdfund Insider

LayerZero Apologizes for Kelp DAO Exploit Response, Admits Fault in Single-Verifier Setup

LayerZero, a cross-chain messaging protocol, has publicly apologized for its handling of communications following a major security incident involving Kelp DAO. In a detailed update released on its ...
Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

An unpatched vulnerability can allow for privilege escalation across Windows systems through the abuse of the Remote Procedure Call (RPC) architecture in Microsoft's OS. Called PhantomRPC, the flaw ...
Crowdfund Insider

KelpDAO Bridge Exploit Analysis : North Korean Hackers Steal $292 Million via Off-Chain Attack

Chainalysis noted that on April 18, 2026, cybercriminals believed to be tied to North Korea’s Lazarus Group executed one of the largest DeFi heists of the year, siphoning approximately $292 million ...
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero blamed the $290 million Kelp DAO exploit on Kelp's decision to use a single-verifier configuration, despite prior warnings to adopt a multi-verifier setup. Attackers, whom LayerZero ...
American Rifleman

Taurus RPC: The Bull Does a PDW

** When you buy products through the links on our site, we may earn a commission that supports NRA's mission to protect, preserve and defend the Second Amendment. ** The term “personal defense weapon” ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
Mashable

iPhone exploit DarkSword has been released in the wild: How to protect yourself

iPhone users should be on alert: DarkSword spyware has been posted in the wild. Credit: Cheng Xin/Getty Images DarkSword, the web-based hacker tool that can be used to steal data from millions of ...
Android Authority

Qualcomm responds to GBL exploit used on latest Snapdragon flagships

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...
Android Authority

New Qualcomm exploit chain brings bootloader unlocking freedom to Android flagships (Updated: Statement)

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...