Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Dark Reading

Fake Android Apps Commit Carrier Billing Fraud for Premium Svcs.

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the security risks of hallucinated dependencies.

Pixazo API Launches HappyHorse MCP and Offers HappyHorse 1.0 API at 30% Off in Limited-Time Discount

HappyHorse MCP brings Alibaba's AI video generation to Claude, Codex & more — now with a limited-time 30% discount ...

Even the closest partnerships can require strategic distance

Carney’s warning about the changing relationship with Washington is supported by an example from the 1970s involving MI5 and ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

“What once took hours now happens in minutes" — How InterSystems transformed operations for Coordinista

The cloud-first digital health development platform provides built-in support for healthcare interoperability standards, ...
Infosecurity Magazine

Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users

A 10-month Android malware campaign has used nearly 250 fake apps to sign victims up to premium services on their mobile ...

AI agent successfully moves Adobe Lightroom to Linux

Claude Code has made the digital photo tool Adobe Lightroom functional on Linux. The project began with a very simple prompt.
Education Week

A District Expects to Save $200K From AI-Powered ‘Vibe Coding.’ Here’s How

Teachers in Washington state’s Peninsula school district seeking critical feedback on their instruction have a new tool to ...