The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Variety

Paramount President Jeff Shell Sued for $150 Million Over Alleged PR Contract

Jeff Shell, the president of Paramount Skydance, was sued Monday by a man who claims he is owed $150 million for crisis communications services and for Shell’s refusal to help produce a TV show. The ...
London South East

Shell to sell Jiffy Lube and Premium Velocity for over USD1 billion

(Alliance News) - Shell PLC on Monday announced a US subsidiary's agreement to sell Jiffy Lube International, and its Premium Velocity Auto LLC business, to a Monomoy Capital Partners affiliate for ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
PC World

Installing an AI assistant on your PC? 5 do’s and don’ts

PCWorld examines essential safety practices for new personal AI assistants like Claude Cowork and Perplexity’s Personal Computer that offer extensive desktop control capabilities. These AI tools can ...