Alert - SAP npm Hacked, Linux (Root) Exploit, Gemini CLI RCE and Cursor Flaws

THN Daily Updates Webinar ➞ Autonomous Exposure Validation: Automating Your CTI and Red Team Workflows Understanding Autonomous AI Adversaries in Modern Intrusions Download Now Sponsored LATEST NEWS Apr 30, 2026 EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise adm... Read More New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CV... Read More SEC504 in NYC: Master Incident Handling Before the Next Breach SANS' most popular course hits New York on Aug 10. Hacker tools, IR, AI, 44 labs. GCIH cert path. Read More Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have allowed attackers to ... Read More SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, Onapsis, OX Secur... Read More New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model (LLM). The package in question is "@val... Read More Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren't just talking about AI writing be... Read More What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong) Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: "So, are we actually safe... Read More Webinar ➞ Autonomous Exposure Validation: Automating Your CTI and Red Team Workflows Understanding Autonomous AI Adversaries in Modern Intrusions Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi