The Hacker News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.
CoinDesk

Kelp claims that LayerZero approved the setup it blamed for $292 million bridge hack

The $292M exploit, linked to North Korea's Lazarus Group, led Kelp to migrate its rsETH off LayerZero's OFT standard to ...
The Hacker News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.

ScarCruft hackers push BirdCall Android malware via game platform

The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain ...
SecurityWeek

Hacker Conversations: Joey Melo on Hacking AI

Joey Melo explains how he uses jailbreaking and data poisoning to manipulate AI guardrails and harden machine learning models ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...