The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

We need to talk about Kevin, the new Trump man at the Fed

Fed independence could take a hit given Trump’s preference for hiring sycophant, his open desire for lower interest rates and ...

Old South Meeting House to debut eye-opening tech show

Boston nonprofit Revolutionary Spaces Inc. is investing $4.5 million in an eye-opening, immersive audiovisual tech show ...

Retiring? An AI agent will see you now to download your knowledge

It sounds like science fiction, but that’s how one company is trying to tackle a real workforce challenge in Canada ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Apple Releases Safari Technology Preview 243 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

New WordPress Plugin: MUTE Spam Blocker Brings Zero-Code Contact Form Protection to Millions of WordPress Sites

The free plugin is now available on the WordPress Plugin Directory, compatible with Contact Form 7, WPForms, Ninja ...
Decrypt

Fake OpenAI Repo Hit #1 on Hugging Face—And Stole Passwords While It Trended

A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...
Dark Reading

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

The attacks compromise aerospace and drone firms' systems to exfiltrate GIS files, terrain models, and GPS data to gain a clear picture of analysts' intel.
The Caledonian-Record

Accused correspondents' dinner shooter pleads not guilty to all charges

The accused White House Correspondents' Association Dinner shooter pleaded not guilty in federal court on Monday to all ...