SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...

Is Russian oil becoming a lifeline for Southeast Asia?

With oil, gas and fertilizer imports squeezed by the Iran war, Southeast Asian governments are brushing off EU pressure and ...

Somali piracy adds new strain to global shipping and trade routes

As ships reroute around Africa to avoid Middle East conflict zones, piracy off Somalia is back. The resurgence is driving up insurance, transit times and security costs, putting new pressure on global ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.

Russia, Ukraine accuse each other of violating U.S.-brokered ceasefire

Separately, Russia’s Ministry of Defense accused Kyiv of committing more than 1,000 ceasefire violations, state media ...

Rubio presses Italy, allies to do more on Iran after talks with Meloni

U.S. Secretary of State is wrapping up a two-day trip aimed at easing ties with Pope Leo after unprecedented attacks on the ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Video: Killer caught on CCTV strolling home after 'one-punch' attack left grandad dead days before Christmas

Grandfather David Darke, 66, never regained consciousness after Nathan Gothard, 37, punched him outside a Leicestershire pub ...