The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

Google Documents Read More Snippet Links Best Practices

Several months after Google launched the Read more links within the Google search results snippets, Google decided to post ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
Security Boulevard

10 Warning Signs Your Current Authentication Stack Is a Breach Waiting to Happen

Run a quick self-audit against 10 warning signs that your authentication stack has critical vulnerabilities. Each sign includes a diagnostic check, an explanation of why it's dangerous, and a concrete ...
GamingOnLinux

GameMaker is launching GMRT, a new modern runtime with source access

The popular game engine GameMaker continues advancing, with a new GMRT runtime that will give developers source access and ...

AI agent's unauthorized data deletion highlights risks in cloud API design

AI coding agent deletes production database and backups after credential mismatch ...
Hoodline

SF Startup Blindsided As ‘Rogue’ AI Nukes PocketOS Data In Nine Seconds

Railway told ABC News that engineers stepped in, pulled from off-site disaster backups to recover users’ material, and ...

Daily Search Forum Recap: April 28, 2026

Here is a recap of what happened in the search forums today, through the eyes of the Search Engine Roundtable and other search forums on the web. Google is now sending notifications to sites over the ...