The Hacker News

🚨 WARNING: Microsoft confirmed active exploitation of a Windows flaw → CVE-2026-32202. The bug stems from an incomplete fix, allowing attackers to steal credentials via SMB authentication when a malicious file is opened. 🔗 Read details → https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html

⚙️ Your AI agents are only as smart as the context they operate on❗Most security teams are racing to deploy AI, autonomous workflows, self-healing environments, and agents that triage before a human even sees the alert. But underneath all of it? Context that's fragmented, stale, and contradictor The technology is ready. The foundation isn't. The team at Axonius is hosting a live webinar on Tuesday, May 26 at 12 PM ET to dig into exactly this. 🗓 AI is Only as Smart as Its Context: Building a Foundation for Trusted Automation. This webinar will cover: • Why conflicting data causes AI agents to hallucinate, and how to fix it • How to build multi-source consensus with verifiable provenance • What decision-grade asset intelligence actually looks like in practice If your team is serious about making AI-driven security actually work, this one is for you! Register here: https://thn.news/trusted-automation

⚡ Checkmarx data is on the dark web... Company links it to a GitHub repo breach from its March supply chain attack. Scope still under review, no customer data confirmed. 🔗 See what’s known so far → https://thehackernews.com/2026/04/checkmarx-confirms-github-repository.html

⚡ This week’s #cybersecurity recap is ugly in the usual way. • Poisoned password manager CLI • Fake Teams help desks • Federal firewall backdoor • Energy wiper • Booby-trapped AI pages • Fake Authenticator extensions • and many more... Read → https://thehackernews.com/2026/04/weekly-recap-fast16-malware-xchat.html

🚨 AI finds bugs faster than teams fix them... More tools = more alerts, but most never get fixed in time. 🔗 See what’s breaking → https://thehackernews.com/2026/04/mythos-changed-math-on-vulnerability.html

⚠️ Hackers breached TrueConf servers across Russia. PhantomCore chained 3 privately developed bugs to skip login, run commands, and move inside networks. Attacks started weeks after patches. 🔗 See how the attacks worked → https://thehackernews.com/2026/04/phantomcore-exploits-trueconf.html

🚨 73 VS Code extensions flagged as malicious. Researchers say some are sleeper packages that later update to steal data and install backdoors across developer tools. 🔗 Full details: https://thehackernews.com/2026/04/researchers-uncover-73-fake-vs-code.html

🚨 11,000+ fake government portals found. A global scam called GovTrap is copying real public service sites to steal personal data and payments from citizens worldwide. 🔗 See how the operation works → https://thehackernews.com/expert-insights/2026/04/ctm360-exposes-global-govtrap-campaign.html

⚠️ WARNING - Fake CAPTCHA pages are now triggering up to 60 hidden SMS charges per victim. Users are tricked into texting premium international numbers, quietly adding charges to their phone bills. 🔗 See how the scam runs → https://thehackernews.com/2026/04/fake-captcha-irsf-scam-and-120-keitaro.html

⚠️ This cyberweapon existed before Stuxnet in 2005 Called "fast16," it sabotaged systems by quietly altering engineering calculations instead of destroying code. 🔗 Full report and findings → https://thehackernews.com/2026/04/researchers-uncover-pre-stuxnet-fast16.html

🚨 Four actively exploited flaws flagged. CISA warns SimpleHelp, Samsung, and D-Link bugs are already used for ransomware and botnets, including admin takeovers and remote command execution. 🔗 See what to patch or replace → https://thehackernews.com/2026/04/cisa-adds-4-exploited-flaws-to-kev-sets.html

🔥 A U.S. federal agency was hacked via Cisco firewall. Attackers used ASA flaws to install FIRESTARTER, a backdoor that stays even after patches and normal reboots. Fix requires full reimage or hard power cycle, not just updating software. 🔗 Read → https://thehackernews.com/2026/04/firestarter-backdoor-hit-federal-cisco.html