The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk ...

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

Stryker attack raises concerns about role of device management tool

A suspected wiper attack against medtech giant Stryker has led much of the security community to examine the role of ...

Java 26 with JVM optimizations, HTTP/3, and finally no Applet API

The current OpenJDK 26 is strategically important and not only brings exciting innovations but also eliminates legacy issues like the outdated Applet API.
Decrypt

Microsoft Launches MAI-Image-2 Text-to-Image Model—And It's Better Than Expected

Microsoft's AI image generator offers impressive realism and text rendering, but strict content limits and 1:1-only output hold it back.

Teenagers sue Musk’s xAI claiming image-generator made sexually explicit images of them as minors

Three teenagers in Tennessee have sued Elon Musk’s xAI, claiming the company’s image-generation tools were used to morph real ...

Many Teens Face Strong Peer Pressure to Share Sexual Images, Study Finds

Adolescents said they were more likely to share photos with a dating partner, or when they had been worn down with repeated ...

Adobe’s AI image generator can now be trained on your own art

Adobe is launching customizable AI image generators that can mimic specific artistic styles and character designs. The Firefly Custom Models are available in public beta starting today, allowing ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

From pathology image to biological discovery: LazySlide uses foundation models to connect tissue images and RNA data

Microscopic images of human tissue are a cornerstone of biomedical research and clinical diagnostics. Yet despite their importance, these images often remain difficult to analyze systematically and to ...

Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.