Unpatched XQUIC Flaw, Hacker Server Leak, Crypto Wallet Exploit and Insecure Android VPN Apps

THN Daily Updates
Newsletter
cover

Outpacing Mythos: How to Fight Back Against AI-Powered Attacks

AI attacks move at machine speed. Join our webinar to learn practical Zero Trust strategies to stop AI threats before they become major incidents.

Download Now Sponsored
LATEST NEWS Jul 10, 2026

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher Sébastien Fér...

Read More
Twitter Facebook LinkedIn

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale

Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organi...

Read More
Twitter Facebook LinkedIn

Your Team Shouldn't Spend Hundreds of Hours Hardening Systems

Manual hardening is slow, inconsistent, and impossible to scale. CIS Build Kits give your team a faster path to secure, compliant configurations. With them, you can spend less time on setup and more time on what matters. Explore Build Kits.

Read More
Twitter Facebook LinkedIn

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million...

Read More
Twitter Facebook LinkedIn

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure...

Read More
Twitter Facebook LinkedIn

Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that con...

Read More
Twitter Facebook LinkedIn

Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks

A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multipl...

Read More
Twitter Facebook LinkedIn

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on au...

Read More
Twitter Facebook LinkedIn
cover

Outpacing Mythos: How to Fight Back Against AI-Powered Attacks

AI attacks move at machine speed. Join our webinar to learn practical Zero Trust strategies to stop AI threats before they become major incidents.

Download Now Sponsored

This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here.

Contact THN: info@thehackernews.com
Unsubscribe

THN | K.P BLock, Pitampura, Delhi