Critical vm2 Flaws, xLabs_v1 Hijacks IoT Devices, ZiChatBot Malware, and More

THN Daily Updates Cognitive Cyber Crimes in the Era of Artificial Intelligence ($260.95 Value) FREE for a Limited Time Protect your organization from next-generation threats with this comprehensive analysis of cognitive cybercrimes, addressing future legal, ethical, and policy challenges in the age of AI. Download Now Sponsored LATEST NEWS May 7, 2026 ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal.... Read More Day Zero Readiness: The Operational Gaps That Break Incident Response Having an incident response retainer, or even a pre-approved external incident response firm, is not the same as being ready for an incident. A retainer means someone will answer the phone. Operational readiness determi... Read More 135 New CVEs Daily. 55 Days to Remediate. You Can't Patch Fast Enough AI exploits new vulnerabilities within days. Your team remediates in 55. The Autonomous Validation Summit (May 12 & 14) covers what fills the gap: proving controls work, prioritizing what's genuinely exploitable, and closing the remediation loop. Free registration + 12-recommendation research brief. Read More PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Lin... Read More vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an ope... Read More From Phishing to Recovery: Breaking the Ransomware Attack Chain AI-driven phishing enables ransomware entry, with 60% breaches linked to human error, leading to $813M payments in 2024. Read More Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying ... Read More MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation. The att... Read More Cognitive Cyber Crimes in the Era of Artificial Intelligence ($260.95 Value) FREE for a Limited Time Protect your organization from next-generation threats with this comprehensive analysis of cognitive cybercrimes, addressing future legal, ethical, and policy challenges in the age of AI. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi