The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Sanctioned Russian oil tanker set to arrive in Cuba despite U.S. blockade

Cuba prepared Monday to receive a sanctioned Russian tanker carrying roughly 730,000 barrels of oil, the first such fuel ...
The University of Alabama at Birmingham

UAB to host Pre-Med Immersion Day in Montgomery on April 18

UAB is an Equal Employment/Equal Educational Opportunity Institution dedicated to providing equal opportunities and equal ...
iDrop News

The iPhone’s Lockdown Mode Is Still a Hacker’s Worst Nightmare

Apple confirms Lockdown Mode hasn't been breached by mercenary spyware in four years. Here’s why the FBI and hackers still ...
Ventureburn

Replit Review 2026: Is It A Good Video & Image AI Generator?

Replit Review explores the features, pricing, and AI tools of this cloud IDE. Find out if it is the best platform for your ...
Opinion
Foreign AffairsOpinion

How Congress Can Prevent a Quagmire in Iran

Earlier this month, Democrats in the House and Senate proposed resolutions that sought to reassert Congress into the warmaking process and limit President Donald Trump’s ability to continue the air ...
The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.