The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

Infostealers are being disguised as Claude Code, OpenClaw and other AI developer tools

Kaspersky warns of malvertising campaign abusing Claude Code Fake download sites deliver Amatera infostealer on Windows, AMOS ...
SecurityWeek

UK Companies House Exposed Details of Millions of Firms

The government agency confirmed the vulnerability could have been exploited to obtain company details and alter records.
TMCnet

Linux Foundation Announces $12.5 Million in Grant Funding from Leading Organizations to Advance Open Source Security

GitHub, Google, Google DeepMind, Microsoft, and OpenAI Join Forces with the Foundation to Invest in Sustainable Security Solutions for the Open Source Ecosystem SAN FRANCISCO, March 17, 2026 ...

How Competition Goes A Long Way For The Future Of Housing

Contests and competitions drive innovative thinking into housing where they can be accelerated, financed and brought to scale ...

What is Cloudwashing? How to Identify a True SaaS Payment Solution

As cloud-based software continues to mature, the practice of cloudwashing persists – a misbranding exercise where vendors market traditional hosted or on-premises software as true SaaS. The problem is ...

Java 26 with JVM optimizations, HTTP/3, and finally no Applet API

The current OpenJDK 26 is strategically important and not only brings exciting innovations but also eliminates legacy issues ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

New iOS 26 Security Update Warning—Make Sure This Setting Is Enabled

Apple has confirmed a new security update for iOS users, but you need to make sure this setting is enabled to get it. Here’s ...

Apple pushes first Background Security Improvements update to fix WebKit flaw

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on ...
The Hacker News

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...

AI Slop vs. Open Source: AI Industry to Help with 12.5 Million US Dollars

Open source projects are suffering from a flood of AI-generated code change requests. The Linux Foundation is seeking to help ...