The Hacker News

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

Taboola pixel redirected logged-in banking users to Temu in February 2026 audit, exposing GDPR and PCI DSS risks.

108 more Chrome extensions found to be injecting ads and harvesting data

Delete these extensions immediately ...

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...