News

The Hacker News

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata (Tue, 03 Feb 2026)
Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into Docker Desktop and the Docker Command-Line Interface (CLI), that could be exploited to execute code and exfiltrate sensitive data. The critical vulnerability has been codenamed DockerDash by cybersecurity company Noma Labs. It was addressed by
>> Read more

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate (Tue, 03 Feb 2026)
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools are truly pulling their weight. The result? Bloated stacks, missed signals, and mounting pressure to do more with less. This
>> Read more

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package (Tue, 03 Feb 2026)
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS score of 9.8, the vulnerability allows remote unauthenticated attackers to execute arbitrary
>> Read more

When Cloud Outages Ripple Across the Internet (Tue, 03 Feb 2026)
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted applications and workflows that many organizations rely on every day. For consumers, these outages are
>> Read more

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks (Tue, 03 Feb 2026)
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania, three
>> Read more

Print | Sitemap
© Alpha Technology Group
Login

Web ViewMobile View

Logout | Edit page