News

The Hacker News
thehackernews. com > 2026 > 07 > ai-agent-exploits-langflow-rce-to. html

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

2+ hour, 47+ min ago  (1085+ words) Security firm'Sysdig'says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job:…...

The Hacker News
thehackernews. com > 2026 > 07 > fortibleed-credential-theft-linked-to. html

Forti Bleed Credential Theft Linked to INC and Lynx Ransomware Operations

4+ hour, 10+ min ago  (420+ words) The company said it tracked scanning activity against approximately 11, 250 Forti Gate portals in more than 150 countries, followed by confirmed admin-level access on 409 targets and successful completion of the full attack chain on 354 of them. In all, at least 12 ransomware deployments…...

The Hacker News
thehackernews. com > 2026 > 07 > new-chocopoc-rat-targets-vulnerability. html

New Choco Po C RAT Targets Vulnerability Researchers via Fake Po C Exploit Repos

4+ hour, 42+ min ago  (739+ words) Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called Choco Po C, travels in Python proof-of-concept (Po C) repositories on Git Hub that claim to exploit hot…...

Symbols: cwe-95
The Hacker News
thehackernews. com > 2026 > 07 > sharepoint-rce-cve-2026-45659-added-to. html

Share Point RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

6+ hour, 24+ min ago  (569+ words) The U. S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft Share Point Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8. 8), is a case…...

Symbols: cwe-23
The Hacker News
thehackernews. com > 2026 > 07 > unpatched-argo-cd-repo-server-flaw. html

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

16+ hour, 14+ min ago  (692+ words) Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, which found the bug,…...

Symbols: cwe-88,cwe-77
Google News
thehackernews. com > 2026 > 07 > 19-year-old-scattered-spider-suspect. html

19-Year-Old Scattered Spider Suspect Extradited to Face U. S. Hacking Charges

16+ hour, 39+ min ago  (627+ words) A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U. S. charges of conspiracy, computer intrusion, and fraud, the U. S. Department of Justice'announced'on July 1. Peter Stokes, 19, a dual U. S. and Estonian citizen, appeared in a…...

The Hacker News
thehackernews. com > 2026 > 07 > seo-poisoned-software-sites-abuse. html

SEO-Poisoned Software Sites Abuse Screen Connect to Deploy Async RAT

18+ hour, 8+ min ago  (395+ words) Unknown threat actors are leveraging the Screen Connect remote access tool as a way to deploy and execute Async RAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on spoofed…...

Symbols: index.js
The Hacker News
thehackernews. com > 2026 > 07 > veildrop-malware-chain-uses-blogger. html

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver Pure Logs Stealer

18+ hour, 46+ min ago  (600+ words) Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called Pure Logs. The activity has been codenamed VEIL#DROP by Securonix. It's suspected that the initial…...

Symbols: cert-ua
The Hacker News
thehackernews. com > 2026 > 07 > adobe-patches-7-cvss-100-flaws-in. html

Adobe Patches 7 CVSS 10. 0 Flaws in Cold Fusion and Campaign Classic

20+ hour, 3+ min ago  (350+ words) Adobe has released patches for multiple maximum-severity security flaws impacting Adobe Cold Fusion and Adobe Campaign Classic. The Cold Fusion updates "resolves critical and important vulnerabilities'that could lead to'arbitrary code execution, privilege escalation, arbitrary file system read, and security feature…...

Symbols: mfg.ax
The Hacker News
thehackernews. com > 2026 > 07 > ousaban-banking-trojan-targets-iberian. html

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

20+ hour, 32+ min ago  (769+ words) A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's Forti Guard Labsidentified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor…...