The Hacker News

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

New 'Copy Fail' Flaw In Linux Kernel Lets Any Local User Seize Root Access: Here's How To Fix It

The flaw allows an unprivileged local user to write four controlled bytes into the page cache of any readable file on a Linux ...

Palo Alto Networks firewall zero-day exploited for nearly a month

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS ...

Firestarter malware survives Cisco firewall updates, security patches

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or ...
Network World

Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor

Admins are being warned by cyber experts from the US and UK that this is part of continuing campaign to crack Cisco firewalls ...
cybernews

Critical PAN-OS zero-day vulnerability exploited in the wild, with no patches available

Palo Alto Networks warns that its widely deployed firewalls are under attack with hackers exploiting a critical zero-day vulnerability. Unauthenticated attackers can achieve remote code execution with ...
CoinTelegraph

Kelp exploit highlights problem with non-isolated DeFi lending: Crypto execs

The contagion from the Kelp exploit could have been contained, but at the cost of capital efficiency, according to the founder of Curve Finance. The exploit of the Kelp liquid restaking protocol shows ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
CoinDesk

The $292 million Kelp exploit: how it happened, and what it means for DeFi

A roughly $292 million exploit over the weekend has rattled the crypto industry, exposing vulnerabilities in decentralized finance (DeFi) infrastructure and raising concerns about knock-on effects ...
CoinTelegraph

Aave deposits fall by $15B as Kelp exploit sparks flight from DeFi lender

Aave’s supplied balance has tanked since the Kelp DAO bridge exploit, as users pull funds amid uncertainty over how much of the rsETH-linked shortfall the protocol will ultimately absorb. Aave, the ...
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations ...