The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

RenderATL 2026 to Host OpenJS Summit: Spotlighting the Future of JavaScript

RenderATL, the leading tech conference merging innovation, culture, and code, today announced a first-of-its-kind collaboration with the OpenJS Foundation to host a dedicated OpenJS Summit at ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

OpenAI spills technical details about how its AI coding agent works

On Friday, OpenAI engineer Michael Bolin published a detailed technical breakdown of how the company’s Codex CLI coding agent ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...

CERT-In Flags High-Risk Chrome Flaw, Urges Immediate Update for Windows, Mac and Linux Users

CERT-In warns millions of Chrome users to update immediately after a critical flaw exposes systems to remote cyberattacks.

Former home secretary Suella Braverman defects to Reform UK

Suella Braverman has become the latest prominent Conservative politician to jump ship and join Reform UK.

Malicious Chrome Extensions found on Web Store, Over 1 lakh users at risk: Remove now

Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...

Thanks But No Thanks on the Claudeswarms, Kevin Roose

The New York Times columnist and Hard Fork podcast co-host might be a little too jazzed about vibecoding. It’s generous of ...

Ryan Wedding pleads not guilty to charges of murder conspiracy and drug trafficking

Ryan Wedding, an alleged drug trafficker and former Canadian Olympic snowboarder who was among the FBI’s most wanted ...
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

First beer, now whisky: the Sleemans revive a six-generation legacy

After selling the brewery that resurrected his ancestors’ storied heritage, John Sleeman is back with a spirits distillery – ...