Websites have a new way to spy on visitors: analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
dw

US planning to halt immigration at 'sanctuary city' airports

The Trump administration's plans would target cities in Democratic-run states that have not cooperated with its immigration clampdown. Millions of foreign tourists are set to arrive in June for the ...
Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

In Her Own Words: Channon Kennedy had the tools to develop her tool company

Channon Kennedy, founder and CEO of The Morgan Square tool company, spent more than 26 years in commercial banking before a ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
The Register-Herald

Scripps National Spelling Bee guide: How to watch, who the notable spellers are, rules and prizes

The Scripps National Spelling Bee runs from Tuesday through Thursday the week. The bee began in 1925, with this year marking ...

Slutty Vegan founder claims $4 million debt in new bankruptcy filings

Slutty Vegan founder Pinky Cole filed amendments to her bankruptcy case, giving a more comprehensive look at who her ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

How the self-employed can stay on track for June 15 tax-filing

The June 15 deadline for self-employed workers to file their income tax returns is approaching, and some clients may need a ...