MSHTML 0-Day Exploited, ClawJacked Flaw, and Malware npm Hiding Pastebin C2

THN Daily Updates Unlocking Data with Generative AI and RAG: Learn AI agent fundamentals with RAG-powered memory, graph-based RAG, and intelligent recall , Second Edition ($35.99 Value) FREE for a Limited Time Developing AI agents that remember, adapt, and reason over complex knowledge isn’t a distant vision anymore; it’s happening now with Retrieval-Augmented Generation (RAG). Download Now Sponsored LATEST NEWS Mar 2, 2026 How to Protect Your SaaS from Bot Attacks with SafeLine WAF Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, s... Read More APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is ... Read More SANS SEC560: The Pen Testing Course Defenders Respect Train live in San Diego May 11-16. Seats filling fast. Read More North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry. The packages... Read More ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. "Our ... Read More Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings ... Read More Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a "supply chain risk." "This action follows months of negotiations... Read More DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were tr... Read More Unlocking Data with Generative AI and RAG: Learn AI agent fundamentals with RAG-powered memory, graph-based RAG, and intelligent recall , Second Edition ($35.99 Value) FREE for a Limited Time Developing AI agents that remember, adapt, and reason over complex knowledge isn’t a distant vision anymore; it’s happening now with Retrieval-Augmented Generation (RAG). Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi