The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

SAP Patch Day: NetWeaver vulnerability allows code injection

In March, SAP addresses partly critical security vulnerabilities in various products in 15 advisories. Admins must act.

Junshi Biosciences Announces NMPA Acceptance of New Drug Applications for Toripalimab Injection (Subcutaneous) Across 12 Indications

Shanghai Junshi Biosciences Co., Ltd (Junshi Biosciences, HKEX: 1877; SSE: 688180), a leading innovation-driven biopharmaceutical company dedicated to the discovery, development, and commercialization ...

Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk

The post Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk appeared first on Android Headlines.

VALLOUREC SECURES A CARBON STORAGE CONTRACT WITH BP BERAU LTD. FOR THE FIRST OFFSHORE INJECTION WELLS IN PAPUA, INDONESIA

VALLOUREC SECURES A CARBON STORAGE CONTRACT WITH BP BERAU LTD. FOR THE FIRST OFFSHORE INJECTION WELLS IN PAPUA, INDONESIA ...

Xint Code Demonstrates Human-like Discovery and Prioritization of Business Logic Vulnerabilities, Analyzing Millions of Code Lines in Just Hours

Theori, a leader in offensive security research, today announced the commercial availability of Xint Code, the first completely LLM-native Static Application Security Testing (SAST) tool capable of ...

Chrome emergency update: Two attacked code-injection vulnerabilities patched

Google released an emergency update for Chrome on Friday night. It patches two security vulnerabilities that were attacked on the internet.

Google Stacking vs Traditional Link Building: A Strategic Comparison

WILMINGTON, DE - March 20, 2026 - PRESSADVANTAGE - G-Stacker has announced the general availability of its digital ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...