The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

Over 100 Chrome extensions caught stealing Google and Telegram data: How to stay safe?

Cybersecurity experts have reported a coordinated attack involving 108 Google Chrome extensions that steal user data and ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
PlasticsToday

Resin Price Report: How to Cope With One of the Most Volatile Resin Markets in a Decade

What “lost-deal” autopsies can teach plastics processors about the real margin problem in the current resin pricing ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
Yahoo Finance

Global Sildenafil Drug Market Set to Reach USD 6.41 Billion by 2035 – SNS Insider

The need for prefilled and customized syringes is mostly driven by the growing use of biologics, notably in the treatment of cancer and autoimmune illnesses, since these medications require precise, ...

'Heated Rivalry' meets Peloton as Hudson Williams trades hockey to sweat on a Peloton Tread

The obsession with the Canadian show Heated Rivalry continues, and now it's extended to the popular Peloton platform, with ...
GitHub

roblox football fusion 2 script

Roblox Futbool Fusion 2 for Windows PC. Open source hack with aimbot, ESP, auto-farm, speed hack. Available free on GitHub. - dejavu89yellow/football-fusion-2-script ...

Michael drowns audiences in nostalgia to avoid thinking about the artist

Part of me wishes I could enjoy Michael like I did watching The Jacksons: An American Dream as a kid who learned the moves to ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.