Arabian Post

SAP developers face npm supply shock

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

Data stolen in Canvas hack that hit thousands of schools has been returned, company says

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...
Indiatimes

Hack of the day: Use plus code as a precise digital address

Getting someone to the right spot isn’t always as simple as sharing a street address. In many cases, addresses are incomplete, point to the wrong entrance, or fail to capture the exact location you ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Bloomberg L.P.

Crypto Hack Sparks $9 Billion Outflows From Top DeFi Lender

A weekend hack that saw almost $300 million drained from a little-known crypto project has triggered a crisis of confidence among decentralized-finance investors, with users pulling billions of ...

Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug ...
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
WMUR

College student who hacked PowerSchool software says he's grateful he was caught

THE HACKERS MIND AND THE CHAOS HE CREATED. THE FBI CALLS THIS ONE OF THE WORST HACKS THAT THEY’VE SEEN, AND THE HACKER, A 20 YEAR OLD COLLEGE STUDENT, SAYS HE KNEW HE WAS ADDICTED TO WHAT HE WAS DOING ...