The Hacker News

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...
Decrypt

Fake OpenAI Repo Hit #1 on Hugging Faceā€”And Stole Passwords While It Trended

A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
Hackaday

Running Your Own 3G Network

CDMA2000 was one of the protocols defined for 3G networks and is now years out of date and being phased out worldwide. Nevertheless, there are still vast numbers of phones that will happily connect to ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...