The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...
Security Boulevard

Guide to Setting Up OpenID Connect for Enterprises

Learn how to implement OpenID Connect (OIDC) for enterprise SSO. Technical guide for engineering leaders on identity providers, scopes, and secure integration.
MIT Technology Review

AI is already making online swindles easier. It could get much worse.

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening.

Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs by tricking users into clicking specially crafted Markdown ...
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...