The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
Moneylife

CBSE's Digital Exam Portal Had a Master Password That Could Unlock Any Examiner's Account ...

A 19-year-old cybersecurity enthusiast has raised serious questions about the safety of the Central Board of Secondary ...
GitHub

DarkFunct/TK-CVE-Repo

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
AlterNet on MSNOpinion

A small disclaimer exposes a secret Trump project run by Airbnb founder

A small disclaimer on a website just exposed a secret project with no reporting, oversight, transparency or accountability ...
INQUIRER.net

Job Openings

Support HR processes related to recruitment, job evaluation, onboarding and employee retention. Advise leaders and employees ...
GitHub

bitquark-subdomains-top100000.txt

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...

npm 生态遭大范围投毒:TanStack、Mistral AI、UiPath 等受波及,可窃取云 ...

IT之家5 月 12 日消息,网络安全检测机构 Socket 于当地时间 5 月 11 日发出警报,在开源工具库 TanStack 旗下约 84 个 NPM 软件包的恶意版本中发现疑似凭证窃取恶意代码。 受影响软件包覆盖 42 个 @tanstack/* 命名空间下的项目,其中 @tanstack / react-router 的周下载量超 1200 万次,此类工具包在 NPM 生态中被广泛直接或 ...