The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

Max severity Ivanti Sentry vulnerability now exploited in attacks

Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways.

FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
Memeburn

Oracle PeopleSoft Hack Hits 100+ Companies in Zero-Day Attack

Oracle warns of a PeopleSoft security bug abused by hackers to target 100+ companies, with universities hit hardest in 2026.

Oracle warns of critical PeopleSoft attack affecting hundreds of customers

Oracle issues emergency security advisory ...
The Hacker News

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...
CSO Online

Langflow RCE under active attack months after a patch was shipped

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...