The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...

White hat helps recover $1.8M after $2.3M Foom Cash exploit

A white hat hacker recovered 80% of the $2.26 million stolen from Foom Cash during last week’s exploit, illustrating the growing importance of ethical hackers in the blockchain space.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and exfiltrate data.

‘ClickFix’ hackers pose as VCs, hijack QuickLens in latest crypto attacks

Crypto hackers are expanding their ClickFix attacks using fake VC firms and a hijacked Chrome extension to steal wallet data ...