The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Surging Hawks snap the East-leading Pistons’ 4-game winning streak with a 130-129 win in overtime

CJ McCollum scored 27 points, making the tiebreaking three-point play in overtime, and the Atlanta Hawks beat the Detroit ...
InfoWorld

Claude Code AI tool getting auto mode

Anthropic is fitting its Claude Code AI-powered coding assistant with an auto mode for the Claude AI assistant to handle ...

St. Louis plumbing firms push for code changes as labor shortage strains residential service

St. Louis County rules involving plumbers are too strict, some say, especially as the retirement rate continues to tick up ...

Pittsburgh AI startups talk about their approach to using data centers

Pittsburgh AI startups Gather AI, Shelfmark and Profitmind navigate shifting data center needs as they balance cloud costs, ...

I built a personal web page with AI in 5 minutes. You can too!

PCWorld demonstrates how AI tools like OpenAI’s Codex can generate a complete personal webpage in under a minute using simple prompts and user preferences. This vibe coding approach matters for ...
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.
The Hacker News

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...