latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...
SecurityWeek

Atlassian, Splunk Patch Critical Vulnerabilities

Atlassian and Splunk have released patches for critical vulnerabilities, including dozens of flaws in third-party ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

How Taylor Parker Faked Her Pregnancy in the Netflix Doc, Maternal Instinct

Parker, 27, pretended to be pregnant to bolster her relationship with Wade Griffin after the pair began dating in July 2019.

Where is Taylor Parker now? Netflix documentary 'Maternal Instinct' revisits how she faked her pregnancy — and ended up on death row.

Netflix's "Maternal Instinct" revisits Taylor Parker's elaborate fake pregnancy scheme and the murder of Reagan ...
The Hacker News

âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

105K Chrome Installs Linked to Adware and Fake Google Traffic

Socket researchers linked 152 Chrome wallpaper extensions to hidden data logging, fake Google search traffic, and ad ...
Business Wire

Standard Nuclear Executes First-of-Its-Kind Agreement with U.S. Department of Energy to Deploy Advanced Fuel Production Line

OAK RIDGE, Tenn.--(BUSINESS WIRE)--Standard Nuclear, Inc., a reactor-agnostic producer of TRISO nuclear fuel, announced today that it has executed an Other Transaction Agreement (OTA) with the U.S.
SecurityWeek

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. A critical Splunk Enterprise vulnerability is being exploited ...