Patient, precise, clinical - are Scotland ready to make World Cup mark?

Scotland thrash Bolivia and are in decent fettle one week out from the biggest game of their international lives.
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization attacks.

New Zealand: Suspected shark attack halts surfing contest

A surfing competition was thrown into chaos after a photographer was bitten in the water, triggering fears of a shark attack.
Hosted on MSN

OpenAI asks all macOS users to update immediately after the TanStack attack forced the company to rotate its code-signing certificates

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...
The Indian Express

Mythos shock: Why regulators in India, other nations are spooked by Anthropic’s new tool

In 2019, Dario Amodei, then OpenAI’s research director, warned that the startup’s new large language model was “too dangerous to release” due to its potential for generating misleading content. When ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
VentureBeat

Anthropic just shipped an OpenClaw killer called Claude Code Channels, letting you message it over Telegram and Discord

Credit: VentureBeat made with Google Gemini 3.1 Pro Image The hit open source autonomous AI agent OpenClaw may have just gotten mogged by Anthropic. Today, Anthropic announced Claude Code Channels, a ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Forbes

LinkedIn Attack Alert — 1.2 Billion Users Must Watch For Red Flags

Beware this LinkedIn job vacancy hack attack. When you think of social media, it’s likely that Facebook, Instagram and X spring immediately to mind. Unless, that is, you are talking about professional ...
WGAL

IMPACT DAY TOMORROW: Code Orange Air Quality Alert issued for Sunday

The Pennsylvania Department of Environmental Protection has issued a Code Orange Air Quality Alert for Sunday, Dec. 7 in the Susquehanna Valley. The alert has been issued for Lancaster, York, Dauphin, ...
theregister

'Exploitation is imminent' as 39 percent of cloud environs have max-severity React hole

A maximum-severity flaw in the widely used JavaScript library React, and several React-based frameworks including Next.js allows unauthenticated, remote attackers to execute malicious code on ...