The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
Tech Times

OpenAI Codex Becomes Desktop Agent: Controls Mac Apps, Watches Screen, Runs on Mobile

Over a six-week stretch in spring 2026, OpenAI rebuilt what its Codex product actually is. On April 16, the company released a major Codex update titled “Codex for (almost) everything,” ...
Crowdfund Insider

Malware : New ‘TrapDoor’ Supply Chain Attack Reportedly Targets Blockchain and Crypto Devs Across Multiple Ecosystems

Cybersecurity researchers have uncovered a seemingly sophisticated supply chain campaign referred to as TrapDoor, which deploys malicious packages across popular package registries to compromise ...
winbuzzer.com

Microsoft’s Webwright Framework Uses Playwright to For Efficient CLI Web Agent Steering

Microsoft Research has released the Webwright framework, a Playwright based web-agent system that works from code and files in a terminal workspace rather than a browser session. Web agents are AI ...
Internet of People

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

The malware spread through npm, PyPI, and Rust packages in coordinated waves. It steals crypto wallets, SSH keys, and cloud developer credentials. AI coding tools were also targeted through malicious ...

Germany's Dr. Wolff cosmetics company is going all in on AI

This medium-sized, family-run business has embraced artificial intelligence to stay competitive. All employees are encouraged to learn about and apply LLMs.
guardian.co.tt

Experts call for inclusive approach to Caribbean tourism

JavaScript is disabled in your web browser or browser is too old to support JavaScript. Today almost all web pages contain JavaScript, a scripting programming language that runs on visitor's web ...
Mining Weekly

Competition approval awaited for re-start of major ferromanganese facility – Menar

Should you have feedback on this article, please complete the fields below. Please indicate if your feedback is in the form of a letter to the editor that you wish to have published. If so, please be ...
Memeburn

Claude AI Review 2026: Is Anthropic's AI Worth $20/Month?

Explore our detailed Claude AI review, highlighting its features, performance, and user experience. Make an informed choice ...