The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Hackaday

A Modern Web Browser For Classic Mac OS

When using older computers there comes a point at which modern software drops support, as for example is happening with builds for Windows XP. Every now and then though, along comes something that ...
New York Post

Pro-Iran hacking group targets California tech company in flurry of attacks

San Jose-based eBay was hammered by a massive cyberattack allegedly carried out by a pro-Iran hacking group that’s now threatening some of world’s biggest tech companies. The shadowy “Islamic Cyber ...
CNN

Data stolen in Canvas hack that hit thousands of schools has been returned, company says

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...
Mashable

Instructure Canvas hack update: Breach involved a specific teacher account type and interrupted finals

Students have struggled with Canvas downtime due to a data breach during school finals. Credit: Piotr Swat/SOPA Images/LightRocket via Getty Images The hacking collective ShinyHunters says it ...
The Cincinnati Enquirer

Canvas back up after ShinyHunters hack forced shutdown

This story has been updated with comments from the University of Cincinnati and Cincinnati Public Schools. Canvas, a cloud-based learning management platform used by thousands of schools and ...
Mashable

Instructure breach update: ShinyHunters claim second hack, deface school websites

ShinyHunters apparently isn't done with edutech giant Instructure. The now-infamous hacking and extortion collective known as ShinyHunters has once again breached Instructure, the education technology ...
DualShockers

Pragmata: Every Hacking Mode, Ranked

Aden Carter is a Contributor at DualShockers who has been covering games professionally since 2020. He specializes in lists and guides, with a focus on RPGs, horror games, survival horror, Soulslikes, ...
The Washington Post

A secretive AI hacking system has sparked a global scramble

When security researchers at Mozilla, the maker of the popular web browser Firefox, pointed a powerful new artificial intelligence model at their code, they had a feeling of “vertigo.” Bobby Holley, ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

A breach at web infrastructure provider Vercel is forcing crypto teams to rotate API keys and do a deep inspection of their underlying code. In a bulletin, Vercel said the hacker was able to grab ...