The Hacker News

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Operation FlutterBridge is a macOS malvertising campaign spreading FlutterShell, a Flutter-based backdoor with adware ...

Lender sues Pihakis Restaurant Group over $700K default, alleges shell game with assets

The suit alleges more than two dozen restaurant entities blocked automated withdrawals and moved operations into new ...

German utility Uniper explores deal with planned Ksi Lisims LNG in B.C.

German utility Uniper is exploring a potential deal that would strengthen the planned Ksi Lisims LNG project in British ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

New Kinaxis CEO bets Ottawa supply chain software company will be a SaaS-pocalypse winner

There are reasons to share Mr. Gaurav’s optimism. Maestro is mission-critical software for giants including Ford, Lockheed ...
Queerty

Fitness influencer Tyler James shows off the results of his “de-twinkified” chest

Tyler James is here to help skinny boys de-twinkify their chests. A few years ago, the L.A.-based influencer and fashionista sported washboard abs and an athletic, lean upper-body. Though James was ...

Craig Hall forges ahead with next Hall Park tower

A new 10-story story office tower is coming to Craig Hall's 162-acre office campus in Frisco. About 60% of the building will ...
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...