The Hacker News

⚡ NASA staff unknowingly shared defense tech with China. A fake U.S. researcher spent years tricking agencies and universities into sending sensitive aerospace software used in weapons development. 🔗 Learn what investigators found in the case → https://thehackernews.com/2026/04/nasa-employees-duped-in-chinese.html

AI agents don’t create risk. They expose it. The real problem is delegated authority. Most orgs still don’t see or control who is granting that power. If the source is broken, agents will scale the risk fast. 🔗 Learn why AI security starts with fixing delegation → https://thehackernews.com/2026/04/bridging-ai-agent-authority-gap.html

🛑 26 fake wallet apps on Apple’s App Store stole recovery phrases and private keys. They mimicked MetaMask and Coinbase, worked via China-region accounts, and used phishing, OCR, or injected code to capture seed phrases. 🔗 Read → https://thehackernews.com/2026/04/26-fakewallet-apps-found-on-apple-app.html

🛑 A fake PDF reader is being used to quietly take over systems. Tropic Trooper spreads a trojanized app that runs AdaptixC2 via GitHub-based control, then uses Microsoft Visual Studio Code tunnels for access on high-value targets. 🔗 Read → https://thehackernews.com/2026/04/tropic-trooper-uses-trojanized.html

macOS attacks are now hiding in system features. Payloads stored in Spotlight metadata let attackers run code without suspicious files, using native scripting and protocols to move and persist outside standard monitoring. 🔗 Learn how macOS built-ins are being weaponized → https://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.html#macos-stealth-execution-abuse

⚠️ LMDeploy flaw exploited within 12.5 hours of disclosure. The SSRF bug let attackers hit AWS metadata, Redis, and internal services via the image loader to scan networks and access data. WordPress plugin bugs are also being used for full site takeovers. 🔗 Read → https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html

⚠️ Hackers are breaching companies through Microsoft Teams, posing as IT helpdesk staff. They flood inboxes, then send a Teams message with a “fix” link. One click installs malware, steals credentials, and gives full remote access. 🔗 Learn more → https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html

The math doesn't add up anymore. AI finds vulnerabilities in ⚡ milliseconds. Manual patching takes ⏳ weeks. Learn how to beat the bots at their own game. 🎙️ Featuring: Ofer Gayer (VP Product, Miggo Security) 📍 Webinar: Rethinking Prioritization Secure your spot → https://thehackernews.com/2026/04/webinar-mythos-reality-check-beating.html

🛑 WARNING: Bitwarden CLI was compromised in a supply chain attack. @bitwarden/[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm. 🔗 Learn how the attack worked → https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html

🔥 Internet’s on fire again... 💸 $290 million DeFi hack ⚠️ Live RCE exploits 📦 Rogue npm packages 🤖 AI prompt attacks 🕵️ App data grab 🔑 Passkey push 🧠 Backdoor claims 💀 Ransomware feud 🧩 Cryptor kits 📩 Blank phishing ⚙️ Binary hijack 🐀 RAT bundle 🍏 macOS abuse 📡 SIM farms 🇪🇺 EU sanctions 🪤 Bot farm bust 🎭 StealTok extensions 🌐 Joomla backdoor 🛒 Leak Bazaar 🌍 RDP scan spike 🧨 Perforce leak 🔗 Catch the full ThreatsDay Bulletin for this week → https://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.html

Move from AI ethics to AI execution. Here’s how to secure your AI deployment. Join Uncharted on May 5 for a technical deep dive. Register here: https://thn.news/ai-summit-x

Anthropic delayed its new AI after it proved too effective at finding and exploiting bugs. It uncovered decades-old flaws and built working exploits—but under 1% were patched. The bottleneck is no longer discovery. It’s fixing at speed. 🔗 Learn how AI is overwhelming vulnerability patching → https://thehackernews.com/2026/04/project-glasswing-proved-ai-can-find.html