The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Google Chrome security flaw: Government flags bugs found in recent version; here's what you need to know and do

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users ...

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...

Microsoft unleashes VS Code 1.117 with custom AI model support and fluid chat animations

Ready to supercharge your workflow? Microsoft just made VS Code more flexible than ever with local model support and a ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Firefox 150 turns its PDF viewer into a real PDF editor

Firefox 150 adds page reordering, exporting, and image saving to its built-in PDF viewer, plus split-view improvements and ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
CDOTrends

The AI That Hacks Back

Anthropic’s newest frontier model — still not publicly available and still technically a “preview” — is the most ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

Badenoch says Starmer's position untenable as PM 'furious' he wasn't told Mandelson failed vetting

Opposition leaders are calling for Keir Starmer to resign after it emerged the Foreign Office did not tell him Mandelson ...

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech

AI model launches, zero-day fixes, privacy scares, robot rollouts, and billion-dollar deals — catch up on the biggest ...