The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

A Comprehensive Guide to JSON Validation and Cleaning

This guide delves into the intricacies of JSON validation and cleaning, providing essential insights and practical steps to ensure data integrity and proper formatting for various applications.
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.
Dark Reading

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

Tennessee plans rare execution of a woman. She's fighting back.

The murder that Christa Pike was convicted of demonstrated a brutality and callousness not often seen in women, let alone one ...

‘From healthcare to agriculture, India’s AI leapfrog moment is near’: Snowflake’s Vijayant Rai

India is rapidly emerging as a serious contender in the global AI race, backed by its vast talent pool and ability to deploy ...