The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
MyBroadband

Claude Code trojan found in NPM

Supply chain security company Safety has discovered a trojan masquerading as Anthropic’s popular Claude Code AI software development assistant. Anthropic describes Claude Code is an agentic coding ...

Data center powered by natural gas fuel cells pitched in Chantilly

An Atlanta data center developer wants to build a facility in Chantilly that would be powered by natural gas fuel cells.
Thurrott

Anthropic Engineer Debates Use of Markdown vs. HTML in AI Agent Output

Markdown has emerged as the lingua franca of AI, especially with the proliferation of AI agents. But an Anthropic engineer argues that HTML is a better choice for output. And despite my love of ...

Malicious npm packages: SAP software compromised

Several SAP npm packages were exposed to a supply chain attack. The hacker group TeamPCP is behind it, say security researchers.
How-To Geek on MSN

My dream Google Chrome extension didn't exist, so I vibe coded it with Claude

Your dream product could be a few prompts away.