The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

Ex-Google Engineer Calls Out CBSE's OSM Portal 'Absolute Embarrassment' After Hacker Exposes Major Security Flaws

The Central Board of Secondary Education (CBSE) is already facing severe backlash over the 2026 Class 12 board results, with ...
Geeky Gadgets

How to Avoid Hidden Costs When Using Claude Code Dynamic Workflows

Dynamic workflows in Claude Opus 4.8.8 offer a structured way to handle complex tasks by dividing them into smaller, independent components. These workflows enable parallel task execution, where ...

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
Developer Tech

Anthropic says AI can turn software patches into exploits within hours

Anthropic’s AI turned Firefox and Windows software patches into exploits within hours, including one Windows proof-of-concept ...
SecurityWeek

Chrome 148 Update Patches Critical Vulnerabilities

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.
DATAQUEST

India's AI surge exposes software supply chain security gaps

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack detection and protection tools.

CBSE OSM row: Venugopal urges PM Modi's intervention, says students 'shouldn't be penalised over systemic failure'

A Delhi student alleged his Physics answer sheet was mismatched under CBSE’s OSM system and later faced severe online ...
InfoWorld

Taming the generative AI back end

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind the AI model to the logic of your app.