The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real-World Attacks

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...

The latest ransomware attack used an alleged NSA exploit

The tool the ransomware uses to get inside computers is called Eternal Blue, and it's more of an exploit than a tool. Leaked ...
Morning Overview on MSN

Cybersecurity firms say attackers now weaponize fresh flaws within hours using AI — outracing human defenders in what they’re calling the year of AI-assisted attacks

On the morning of May 12, 2026, a security analyst at a mid-size financial firm noticed something unsettling: a vulnerability ...
Morning Overview on MSN

Anthropic’s Mythos AI is now restricted to a handpicked list of governments and utilities — the most capable cybersecurity model ever built, walled off from the public

In May 2026, the UK’s AI Security Institute confirmed something the cybersecurity world had been bracing for: an AI model ...
SecurityWeek

Gogs Zero-Day Exposes Servers to Remote Code Execution

The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names. The popular ...
PCQuest on MSN

7 best hacking tools in 2026 every ethical hacker should know

Cybersecurity has become crowded with dashboards, alerts, scanners, and artificial intelligence features. Yet the basic job has not changed much. Security teams still need to know what is running, ...
Bleeping Computer

Google now offers up to $1.5 million for some Android exploits

Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial ...
TechRadar

Claude Mythos turns years of security research into 20-hour AI exploits

When Anthropic announced Claude Mythos Preview on 7 April 2026, the response went well beyond the cyber security community. Finance ministers discussed it at the IMF. The Bank of England governor said ...
Forbes

Microsoft Windows Alert—Angry Hacker Drops 2 New Zero-Day Exploits

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...