The Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.
Hosted on MSN

Over 30 WordPress plugins pulled after backdoor discovery

More than 30 popular WordPress plugins were removed after investigators found backdoors inserted by a new owner following a business sale. The malicious code remained dormant for months before being ...
Security Boulevard

Supply Chain Attacks Are Getting Worse—How to Shrink Your Exposure

In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security.

Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.

Stolen Apple Mac mini resurfaces on Facebook Marketplace as thief posts serial number and license plate

A Reddit user has recounted how the base model Mac mini he bought was stolen after the delivery company left it in a very ...