The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
latesthackingnews.comOpinion

The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw Changes Nothing About Urgency

CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR to ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
LinkedIn

APIs are Dead. Context is the New Contract

"Software is dead. Long live cloud." - Marc Benioff famously declared in 2013. Today, I make an equally bold assertion: APIs are dead. Long live context. We're witnessing the twilight of the API ...
LinkedIn

Generative AI Capabilities in SAP Integration Suite

SAP Integration Suite, a robust and flexible cloud-based platform, integrates various applications and systems to streamline business processes. Recently, SAP has introduced cutting-edge Generative AI ...