The Hacker News

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

Ubuntu CVE-2026-3888 flaw exploits cleanup timing in snap-confine to gain root access, risking full system compromise.

Bitrefill hack linked to Lazarus: what it reveals about crypto risks

Cryptocurrency payments and gift card platform Bitrefill has resumed operations after a cyberattack on March 1, 2026, exposed ...

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.

Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools

A suspected group of Russian government hackers was caught targeting Ukrainians with new iPhone hacking tools designed for espionage and potentially to steal crypto.
The Hacker News

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.
CoinDesk

Bitrefill accuses North Korea-linked Lazarus hacker group for compromising 18,500 purchase records

Bitrefill said a March 1, 2026 cyberattack linked to North Korea’s Lazarus Group compromised parts of its infrastructure, drained some hot wallets and exposed about 18,500 purchase records.

PSA: Hackers can raid iOS 18 with an infected link

The ‘DarkSword’ attack technique can covertly steal messages, contacts, saved credentials, cryptocurrency wallets, and more ...

Researchers uncover iPhone spyware capable of penetrating millions of devices

By AJ Vicens March 18 (Reuters) - A powerful software exploit capable of penetrating and stealing information from potentially hundreds of millions of Apple iPhones was planted on dozens of websites ...