Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

New ZIP code tops WNY's most stable neighborhoods for 2026

The last time we did this analysis, Buffalo's 14212 came in as the most unstable neighborhood in Western New York. This year, ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

Former Assassin's Creed Hexe director admits to using AI in the past to learn how to code

Former Assassin's Creed director has admitted to using AI in the past to help him learn to code ...
The Caledonian-Record

HAFNIA LIMITED: Results of Annual General Meeting 2026

Hafnia Limited ("Hafnia", the "Company", OSE ticker code: "HAFNI", NYSE ticker code: “HAFN”) advises that the 2026 Annual General Meeting was held earlier today on 26 May 2026 at 9:00 a.m. (Singapore ...

Google posts Chromium browsers' proof-of-concept exploit code without a fix

Chrome, Edge, Brave, Opera, and other Chromium-based browsers could reportedly be exposed to abuse after Google accidentally ...

CBSE Hacking Row Explodes: Board Denies OSM Breach, Teen Hacker Disputes ‘Testing Site’ Claim

CBSE has denied any breach in its Class 12 evaluation system after a 19-year-old hacker claimed to expose major security ...
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.