The Hacker News

A Browser Extension Risk Guide After the ShadyPanda Campaign

Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.

Critical Amazon Kindle Hack Confirmed — What You Need To Know

A hacker found a way to access Amazon accounts using a malicious book downloaded to a Kindle. What you need to know about the ebook attack.
The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure.

Notepad++ users urged to update immediately after hackers hijack the app's updater

The developers of Notepad++ recently discovered an actively exploited vulnerability that enabled hackers to hijack the popular editor's automatic updater. Version 8.8.9 addresses the issue, but ...