The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
The Hacker News

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of ...
SecurityWeek

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore

Cybersecurity experts share insights on securing Application Programming Interfaces (APIs), essential to a connected tech ...

Chainlit AI framework bugs let hackers breach cloud environments

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...

I used GPT-5.2-Codex to find a mystery bug and hosting nightmare - it was beyond fast

The $20-per-month ChatGPT plan is more than enough for occasional bug fixes and feature addition runs. Here's a prime example by yours truly.

Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of people, leaving them vulnerable to scams, identity theft, and other crimes, ...

Pentera Labs warns vulnerable demo apps are being actively exploited in the wild

Moreover, many of the vulnerable apps are under active exploitation. About 20% of exposed instances contained artifacts ...