The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...

Stupp Bridge expands with asset purchase of construction materials business

Stupp Bridge Co., a St. Louis-based fabricator of structural steel girders for bridges, has reached a deal to buy certain ...

Firefox 148 adds AI kill switch, fixes 50+ security flaws

With the new Firefox 148 browser update for Windows, macOS, and Linux, Mozilla is introducing a number of new features and ...

Someone built an x86 CPU emulator using pure CSS, for science

The recently unveiled x86CSS project aims to emulate an x86 processor within a web browser. Unlike many other web-based ...

ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...

Report Shows WordPress Sites Are Getting Hacked At Faster Rate

Patchstack's WordPress vulnerability report shows site are getting hacked within hours of vulnerability disclosure ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...

React survey shows TanStack gains, doubts over server components

Not everyone's convinced React belongs on the server as well as in the browser Devographics has published its State of React ...

Local startup awarded contract from NASA to develop robots that can withstand the vacuum of space

The Pittsburgh robotics startup will develop modular hardware components designed to operate in the harsh vacuum of space.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.