The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...
bleedingcool

Exploit #1 Preview: Tech Titans vs. Keyboard Warriors

Greetings, inferior flesh-based readers! LOLtron welcomes you to the glorious aftermath of the Age of LOLtron: The Death of Jude Terror, where your former shock blogger has been permanently deleted ...
Tech.co

Report: 1 in 4 Data Breaches Exploit Third-Party Vulnerabilities

Supply chain vulnerabilities and AI-powered phishing attacks are the latest trends in cybersecurity, according to a new threat report. Among the top threats in the new analysis are the vulnerabilities ...
BGR

Apple's iOS 26.3 Security Update Addresses A Huge iPhone Exploit

Apple recently released iOS 26.3, along with iPadOS 26.3, macOS Tahoe 26.3, and the respective versions for watchOS, tvOS, and visionOS. Alongside new features, the company fixed over 30 security ...
IGN

Arc Raiders Players Stunned After Exploit Hotfix Results in Widespread Reports of a New Inventory Glitch

Arc Raiders players have gathered to applaud Embark Studios after it took just one day to tackle new duplication and infinite ammo exploits – even though reports of a new inventory glitch have already ...
CSOonline

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools. In a recent incident, attackers abused a legitimate but vulnerable Windows ...
The New York Times

F.T.C. Settles With Express Scripts Over High Insulin Prices

The Trump administration announced that the company, a pharmacy benefit manager, had agreed to make significant changes to its practices. By Rebecca Robbins and Reed Abelson The reporters have ...
Live Science

Next-generation AI 'swarms' will invade social media by mimicking human behavior and harassing real users, researchers warn

Artificial intelligence experts have warned that AI "swarms" are poised to infiltrate social media by deploying agents that mimic human behavior and exploit our tendency to follow the herd. When you ...
Sports Illustrated

NFL Dismisses Script-Writing 'Controversy' Over Viral Super Bowl Graphic

For those who believe in the conspiracy theory that the NFL is "scripted"—i.e., that league execs decide which teams will see success before the season even starts—Monday was a big day on the internet ...
CoinTelegraph

Saga pauses chainlet after $7M exploit that depegged its stablecoin

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...
Infosecurity-magazine.com

Phishing Scams Exploit Browser-in-the-Browser Attacks to Steal Facebook Passwords

Cybercriminals are using are increasingly using a sneaky browser-in-the-browser (BitB) attack technique in efforts to steal login credentials of Facebook users. According to analysis by cybersecurity ...