#hackernews

Russian hackers hijack internet traffic using vulnerable routers The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s The National Cyber Security Centre (NCSC) has warned. Attackers are exploiting vulnerable routers to alter DHCP and DNS settings, redirecting traffic through servers they control. “We assess that APT28 is almost certainly the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Centre (GTsSS) Military Intelligence Unit 26165.” said NCSC. Since 2024, APT28 …

13 minutes ago

Russian hackers hijack internet traffic using vulnerable routers

The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s The National Cyber Security Centre (NCSC) has warned. Attackers are exploiting vulnerable routers …
#hackernews #news

0 0 0 0

Why I returned to Enlightenment Linux after 30 years: Testing the new Elive beta This Debian-based distro brings back the old-school desktop environment but shrugs off the boring UI. I just wish I could've tried voice control.

33 minutes ago

Why I returned to Enlightenment Linux after 30 years: Testing the new Elive beta

This Debian-based distro brings back the old-school desktop environment but shrugs off the boring UI. I just wish I could've tried voice control.
#hackernews #news

0 0 0 0

GrafanaGhost Vulnerability Allows Data Theft via AI Injection GrafanaGhost is a critical vulnerability in Grafana’s AI components that uses indirect prompt injection and protocol-relative URL bypasses to exfiltrate data.

54 minutes ago

GrafanaGhost Vulnerability Allows Data Theft via AI Injection

GrafanaGhost is a critical vulnerability in Grafana’s AI components that uses indirect prompt injection and protocol-relative URL bypasses to exfiltrate data.
#hackernews #news

0 1 0 0

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. [...]

1 hour ago

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link ro…
#hackernews #microsoft #news

0 0 0 0

1 hour ago

The Git Commands I Run Before Reading Any Code

The Git Commands I Run Before Reading Any Code

#HackerNews

piechowski.io/post/git-commands-before...

0 0 0 0

I tried Google Photos' new AI Enhance tool: How it crops, relights, and fixes your shots - sometimes Now rolling out to Android users globally, AI Enhance uses generative AI to improve your photos instantly. Here's how to use it, and where it falls short.

1 hour ago

I tried Google Photos' new AI Enhance tool: How it crops, relights, and fixes your shots - sometimes

Now rolling out to Android users globally, AI Enhance uses generative AI to improve your photos instantly. Here's how to use it, and where it falls short.
#hackernews #news

0 0 0 0

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for CVE-2024-41110, a maximum-severity vulnerability in the same component that came to light in July 2024. "

1 hour ago

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances.
The vulnerability, tracked…
#hackernews #news

0 0 0 0

2 hours ago

Škoda DuoBell: A bicycle bell that penetrates noise-cancelling headphones

Škoda DuoBell: A bicycle bell that penetrates noise-cancelling headphones

#HackerNews

www.skoda-storyboard.com/en/skoda-world/skoda-duo...

0 1 0 0

The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here is the complete technical and business guide to how it works, which methods fit which scenarios, and how to implement it in 2026.

2 hours ago

The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It

Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here is the complete technical and business gui…
#hackernews #news

0 0 0 0

[un]prompted 2026 – Developing & Deploying AI Fingerprints For Advanced Threat Detection Author, Creator & Presenter: Natalie Isak, Software Engineer, Microsoft & Waris Gill, Applied Scientist, Microsoft Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations') YouTube Channel.

2 hours ago

[un]prompted 2026 – Developing & Deploying AI Fingerprints For Advanced Threat Detection

Author, Creator & Presenter: Natalie Isak, Software Engineer, Microsoft & Waris Gill, Applied Scientist, Microsoft

Our thanks to [un]prompted for publishing their Creators, Author…
#hackernews #microsoft #news

0 0 0 0

Legacy Systems are Undermining Financial Institution Cybersecurity Legacy systems are increasing cyber risk for financial institutions, exposing banks to attacks, compliance gaps and rising costs.

2 hours ago

Legacy Systems are Undermining Financial Institution Cybersecurity

Legacy systems are increasing cyber risk for financial institutions, exposing banks to attacks, compliance gaps and rising costs.
#hackernews #news

1 0 0 0

3 hours ago

Veracrypt Project Update

#HackerNews

sourceforge.net/p/veracrypt/discussion/g...

0 0 0 0

How I calibrated my subwoofer placement for peak impact in awkward room setups Adding a subwoofer to your home theater is exciting, but not every room is a perfect square designed for subwoofers.

3 hours ago

How I calibrated my subwoofer placement for peak impact in awkward room setups

Adding a subwoofer to your home theater is exciting, but not every room is a perfect square designed for subwoofers.
#hackernews #news

0 0 0 0

3 hours ago

We moved Railway's frontend off Next.js. Builds went from 10+ mins to under two

We moved Railway's frontend off Next.js. Builds went from 10+ mins to under two

#HackerNews

blog.railway.com/p/moving-railways-fronte...

0 0 0 0

Why Your Automated Pentesting Tool Just Hit a Wall Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap. [...]

3 hours ago

Why Your Automated Pentesting Tool Just Hit a Wall

Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap. [...]
#hackernews #news

0 0 0 0

Major outage cripples Russian banking apps and metro payments nationwide A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia, leaving customers unable to pay by card, withdraw cash, or access mobile banking for hours. According to The Record Media, the incident affected major banks, […]

3 hours ago

Major outage cripples Russian banking apps and metro payments nationwide

A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia, leaving c…
#hackernews #news

0 0 0 0

Acronis MDR by TRU brings 24/7 managed detection and response to MSPs Acronis has announced the launch of Acronis MDR by Acronis TRU, a globally available 24/7/365 managed detection and response (MDR) service. Built specifically for managed service providers (MSPs) of all sizes, the service provides threat detection, incident response, and cyber resilience powered by the Acronis Threat Research Unit (TRU). With this offering, MSPs can expand their security capabilities and deliver scalable protection without the complexity or cost of operating an in-house security operations center. As …

3 hours ago

Acronis MDR by TRU brings 24/7 managed detection and response to MSPs

Acronis has announced the launch of Acronis MDR by Acronis TRU, a globally available 24/7/365 managed detection and response (MDR) service. Built specifically for managed service providers (MSPs) of all sizes, …
#hackernews #news

0 0 0 0

角征典／Masanori Kado

@kdmsnr.com

4 hours ago

🌐GLM-5.1：長期タスクに向けて
https://z.ai/blog/glm-5.1
via #HackerNews

0 0 0 0

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment, […]

4 hours ago

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ra…
#hackernews #news

0 0 0 0

4 hours ago

Revision Demoparty 2026: Razor1911 [video]

#HackerNews

https://www.youtube.com/watch?v=Lw4W9V57SKs&t=5716s

0 0 0 0

Minimus Hyper-Growth Underway with Yael Nardi as New Chief Business Officer New York, USA, 7th April 2026, CyberNewswire

4 hours ago

Minimus Hyper-Growth Underway with Yael Nardi as New Chief Business Officer

New York, USA, 7th April 2026, CyberNewswire
#hackernews #news

0 0 0 0

4 hours ago

Sonnet 4.6 Elevated Rate of Errors

Sonnet 4.6 Elevated Rate of Errors

#HackerNews

https://status.claude.com/incidents/lhws0phdvzz3

0 0 0 0

I tested the AirPods Max 2, Sony XM6, and Bose Ultra 2: Why Bose is my top pick I've worn the latest over-ear headphones from Apple, Sony, and Bose in real-world settings. Here's how they compare.

4 hours ago

I tested the AirPods Max 2, Sony XM6, and Bose Ultra 2: Why Bose is my top pick

I've worn the latest over-ear headphones from Apple, Sony, and Bose in real-world settings. Here's how they compare.
#apple #hackernews #news

1 0 0 0

Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google also adopted after announcing that it had improved the quantum algorithm used to break elliptic curve cryptography. Google stopped short of publishing the algorithm, disclosing only a zero-knowledge proof of its existence. The same day, a company called Oratomic published a resource estimate for breaking RSA-2048 and P-256 …

4 hours ago

Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day

Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap tha…
#hackernews #news

0 0 0 0

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. "A purpose-built Python scanner continuously sweeps major cloud IP ranges for vulnerable targets, automatically installing malicious nodes via ComfyUI-Manager if no exploitable node is already

5 hours ago

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet.
"A purpose-b…
#hackernews #news

0 0 0 0

キタきつね

@kitafox.bsky.social

5 hours ago

The Hidden Cost of Recurring Credential Incidents Recurring credential incidents drive operational costs as password resets make up 30% of helpdesk tickets, impacting productivity and security.

認証情報に関する問題が繰り返し発生する隠れたコスト

The Hidden Cost of Recurring Credential Incidents #HackerNews (Apr 7)

thehackernews.com/2026/04/the-...

0 0 0 0

Multi-Tenant SaaS and Single Sign-On (SSO) Uncover the complexities of multi-tenant SaaS architecture, understand how SSO simplifies access management, and explore how to fortify security in these enviro

5 hours ago

Multi-Tenant SaaS and Single Sign-On (SSO)

Uncover the complexities of multi-tenant SaaS architecture, understand how SSO simplifies access management, and explore how to fortify security in these enviro
#hackernews #news

0 0 0 0

AI Agents and Non-Human Identities Creating Critical Security Gaps, Report New research from Keeper Security, reveals non-human identities and automated system-to-system interactions are becoming the top security risk for businesses in 2026.

5 hours ago

AI Agents and Non-Human Identities Creating Critical Security Gaps, Report

New research from Keeper Security, reveals non-human identities and automated system-to-system interactions are becoming the top security risk for businesses in 2026.
#hackernews #news

2 0 0 0