The data breach suffered by convenience store chain giant 7-Eleven in mid-April likely impacts just over 185,000, breach notification website HaveIBeenPwned reports. The incident, 7-Eleven said in a data breach notice filed with the Maine Attorney General’s Office earlier this… Read More "185,000 Likely Impacted by 7-Eleven Data Breach"
The Hacker NewsMay 26, 2026Web Security / Artificial Intelligence Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful… Read More "New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar"
The packages were designed to steal developer secrets, including AWS credentials, GitHub tokens, SSH keys, browser data, environment variables, crypto wallets, and local development configuration files, according to Socket. The findings indicate a bigger concern than just another malicious package… Read More "TrapDoor malware campaign puts developer workstations in CISO spotlight"
Organizations in India have been urged to patch actively exploited internet-facing vulnerabilities within 12 hours under new guidance that responds to the speed AI now brings to cyber-attacks. According to new guidance from the Indian Computer Emergency Response Team (CERT-In),… Read More "India’s CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws"
Threat actors exploited a KnowledgeDeliver zero-day vulnerability to deploy web shells and backdoors, Google-owned Mandiant reports. A learning management system (LMS) built by Digital Knowledge, KnowledgeDeliver is widely used for enterprise and educational e-learning, mainly in Japan. The exploited zero-day,… Read More "Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment"
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where “feasible” to safeguard against potential threats stemming from threat actors’ abuse of… Read More "CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks"
AI systems change even when the base model does not. A retrieval index updates overnight. A new tool gets added to an agent’s action space. An evaluation that passed on Tuesday no longer reflects what the system does on Thursday.… Read More "Stop treating AI governance as a review layer. Make it release infrastructure"
Iranian state-aligned hackers have pushed a new backdoor through a mix of career-themed phishing and, for the first time, search engine poisoning, expanding their reach into the American aviation sector during the recent US-Iran military conflict. According to new analysis… Read More "Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning"
In the wake of attacks on CEOs, a nationwide protest movement targeting data centers, and increasing concerns about AI job replacement, federal intelligence agencies and domestic law enforcement are circulating reports with a new domestic target in mind: anti-technology extremists.… Read More "US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows"
Authorities in the Netherlands have arrested the owners of two Dutch companies that allegedly provided bulletproof hosting services to Russian threat actors and evaded sanctions imposed by the European Union. According to an announcement by the Dutch Fiscal Information and… Read More "Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands"
