The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Bleeping Computer

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.

Chrome for macOS soundly beats browser benchmark records

Google has set new browser performance records for Chrome following a year of improvements, with the latest results made ...

Meet Fabrice Bellard: The French engineer whose code powers YouTube, Netflix and TikTok, yet he has spent 30 years quietly out of the spotlight

Most people can name the founders of Apple, Microsoft, Meta or Tesla. Fabrice Bellard remains largely unknown outside ...
Ars Technica

Websites have a new way to spy on visitors: Analyzing their SSD activity

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even ...
Lifehacker

Update Chrome ASAP to Protect Yourself From This Active Exploit

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...
Morning Overview on MSN

The fake-CAPTCHA trick spreading now asks you to paste a command that installs malware

The Federal Trade Commission issued a consumer alert in June 2026 warning that a new breed of fake CAPTCHA pop-ups is tricking Windows users into running malicious commands on their own computers. The ...
Ubergizmo

Did You Notice? Gooogle Says Chrome Is Now Up To 10% Faster

Google has officially rolled out updates to its Chrome browser, delivering measurable speed improvements that reach up to 10% in ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...