Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet

EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the ...
Opinion
Foreign AffairsOpinion

Don’t Give Up on Global Order

The second point of emerging consensus is that a fundamental remaking of that order has become essential. The American role in preserving the old order had become counterproductive and unsustainable, ...

Path traversal flaw in AI dev platform Langflow exploited in attacks

Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Florida Politics

Sunburn — The morning read of what’s hot in Florida politics — 6.9.26

St. Petersburg mayoral candidate Charlie Crist raised more than $330,000 from the beginning of March through the end of May, bringing his total haul to more than $1.6 million. The fundraising activity ...