The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Tech Times

OpenAI Codex Becomes Desktop Agent: Controls Mac Apps, Watches Screen, Runs on Mobile

Over a six-week stretch in spring 2026, OpenAI rebuilt what its Codex product actually is. On April 16, the company released a major Codex update titled “Codex for (almost) everything,” ...

UK records hottest ever May day as temperature climbs to 34.8C in west London

It's also the hottest May day recorded in Wales, while Scotland and Northern Ireland have had their hottest days of the year ...
Arabian Post

InvisibleFerret shift raises developer risks

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Germany's Dr. Wolff cosmetics company is going all in on AI

This medium-sized, family-run business has embraced artificial intelligence to stay competitive. All employees are encouraged to learn about and apply LLMs.