The Hacker News

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 ...
The New York Times

Bluesky Says Kremlin Is Hacking Its Platform to Spread Propaganda

The company said it was fighting Russian efforts to hijack real users’ accounts to post fake content, an apparently novel tactic. By Steven Lee Myers Ben Gilbert describes himself on Bluesky, the ...
The Hacker News

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and ...