Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

5 Biological Traits That Make Snakes Devastating Invaders

Most headlines about invasive species focus on snakes. Burmese pythons in Florida, brown tree snakes in Guam, and Boa ...

11 Electric Cars Worth a Look With Gas Prices High

The war in Iran has auto shoppers sizing up electrics. Many strong cars are on the market, and there are bargains to be had ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
eWeek

Anthropic Briefed Trump Administration on Mythos Cyber Capabilities

Anthropic briefed Trump administration officials on Mythos before wider access, signaling how seriously it views the model’s ...

Booking.com Data Breach Exposes Customer Information, Fuels Scam Concerns

A data breach at Booking.com has exposed customer reservation details, enabling scammers to impersonate hotels and request ...

Meta researchers introduce 'hyperagents' to unlock self-improving AI for non-coding tasks

Meta's new hyperagent framework breaks the AI "maintenance wall," allowing systems to autonomously rewrite their own logic ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...
eWeek

Anthropic's Opus 4.7 Sets a New Benchmark Bar

Claude Opus 4.7 is Anthropic's newest flagship model, boasting a jump to 64.3% on SWE-bench Pro (a brutal test of fixing real ...