Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data (Sat, 11 Apr 2026)
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been linked to the use of an advertising-based global
geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in
July 2023
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs (Fri, 10 Apr 2026)
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development
environments (IDEs) on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.code-wakatime-activity-tracker," which masquerades as WakaTime, a
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About (Fri, 10 Apr 2026)
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions.
A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows (Fri, 10 Apr 2026)
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in
open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure (Fri, 10 Apr 2026)
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings
from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and
including