The Hacker News — FreeIntelHub

The Hacker News CVE Microsoft Amazon Apr 29

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

The U.S.

1 IOC

The Hacker News CVE Apr 29

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python ...

T1598 1 IOC

The Hacker News →

The Hacker News CVE GitHub Apr 28

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...

T1190 T1059 1 IOC

The Hacker News →

The Hacker News Campaigns Apr 28

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer...

The Hacker News →

The Hacker News Ransomware Microsoft VMware Linux Apr 28

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encrypti...

The Hacker News →

The Hacker News General Apr 28

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data...

The Hacker News →

The Hacker News CVE GitHub Apr 28

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,0...

T1190 1 IOC

The Hacker News →