The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...
Security Boulevard

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
Le Lézard

Chainguard and Cursor Partner to Secure Agentic Coding with Trusted Open Source

Chainguard, the trusted source for open source, today announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development.
News9Live on MSN

Mustang Panda linked New LOTUSLITE malware now targets Indian banks: Report

A new LOTUSLITE malware campaign is targeting India’s banking sector using phishing files and trusted tools. Researchers say ...
Opinion
Spiceworks on MSNOpinion

Anthropic’s Claude Mythos: Breakthrough or hype machine?

Every IT professional has sat through a vendor presentation where an incremental software update is pitched as a civilization-altering event. In late March 2026, the artificial intelligence industry ...
Cyber Daily

Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says

Frontier models with a focus on cyber security and vulnerability hunting are a boon to network defenders – but the race ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Attack at Mexican pyramids that killed Canadian was planned, officials say

The assailant may have timed attack to coincide with the Columbine shooting anniversary, according to authorities ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...