Texas Tech QB Brendan Sorsby files injunction vs NCAA in gambling probe

Brendan Sorsby's lawyers have filed an injunction against the NCAA to expedite his reinstatement process over gambling ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Register-Herald

Conservative organizations file briefs in support of WV families challenging school vaccine mandates

Conservative organizations — including one that helped with the West Virginia Legislature’s passage of a 2023 religious ...
The Manila Times

Belarus-aligned FrostyNeighbor attacks Ukrainian government, again - ESET Research discovers

FrostyNeighbor, a long-running cyberespionage actor apparently aligned with the interests of Belarus, has been active recently in campaigns targeting governmental organizations in Ukraine.This latest ...

Napa's first cannabis-infused rosé maker files for bankruptcy

Preview this article 1 min The Napa-based beverage maker reported up to $500,000 in liabilities. Its collapse follows the ...
The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Dua Lipa files $15M lawsuit against Samsung over TV boxes

Dua Lipa is suing Samsung Electronics for $15 million over claims it used her image on TV packaging without permission.

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
InfoWorld

Hands-on with React, Supabase, and PowerSync

If you are building a simple dashboard or a form-based application, the traditional JSON API (REST or GraphQL) approach is ...
Tech Times

LinkedIn Scans Every Chrome User’s Browser Extensions and Ties the Inventory to Their Professional Identity

Every time a professional opens LinkedIn in a Chrome-based browser today, hidden JavaScript silently probes their device for ...