The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
The Hacker News

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.

Emails show tension between Rays, Tampa Sports Authority over parking

Parking has become a sticking point of negotiations for a new Tampa Bay Rays stadium, emails obtained by the Tampa Bay ...

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...

Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.
Waterloo-Cedar Falls Courier

What is known about identity of 16-year-old shooting victim in Cedar Falls?

The 16 year old Waterloo victim has been identified in the fatal shooting Sunday at County Terrace Mobile Home Park in Cedar ...

As questions loom, Tampa Sports Authority commissions additional study on Rays stadium roof

Members of the sports authority finance committee reiterated that there are far more questions than there are answers when it ...
The Bismarck Tribune

7-year-old dies in Mercer County crash; 5 others hospitalized, including 3 children

A 7-year-old died and five people were hospitalized with serious injuries following a crash Thursday morning involving two ...
The Caledonian-Record

IRONSCALES Announces New Email Attack of the Day Intelligence Series, Demos Groundbreaking Email Agents at RSAC 2026

IRONSCALES, the AI-powered email security platform protecting 17,000+ global organizations, announced today at RSA Conference 2026 the launch of their new Email Attack of the Day intelligence series.
The Register-Herald

BBB warns consumers about email phishing scams targeting account information

The Better Business Bureau is warning consumers to be cautious of email scams in which fraudsters pose as legitimate ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.