The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining

Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
GamingOnLinux

GameMaker is launching GMRT, a new modern runtime with source access

The popular game engine GameMaker continues advancing, with a new GMRT runtime that will give developers source access and ...

Google Gemini Can Now Generate & Download Files Directly in Your Chat

Gemini can now create and download PDFs, Word, and Excel files directly from your chat, eliminating manual formatting and ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
eWeek

Amazon Welcomes OpenAI to Its Cloud Portfolio

Microsoft keeps a capped revenue share but loses a marquee advantage, forcing Redmond to prove its in-house models can rival OpenAI while juggling new ties to Anthropic. GIF via Amazon/YouTube AWS CEO ...
Security Boulevard

Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities

As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security ...