UK mortgage approvals up before Iran war triggered surge in rates

Approvals for UK home loans climbed for the first time in five months, a sign housing demand was gaining momentum before the ...
The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk ...

Google Explains Googlebot Byte Limits And Crawling Architecture

Google's Gary Illyes published a blog post explaining how Googlebot works as one client of a centralized crawling platform, ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Stryker attack raises concerns about role of device management tool

Researchers from Halcyon told Cybersecurity Dive the Stryker attack impacted all phones and workstations with an Intune base ...

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 ...

London AI Startup Coda One Launches Free Platform With 59 Productivity Tools, Taking Aim at Subscription Fatigue

Coda One, a London-based AI startup, has launched a free online platform combining 59 AI writing, PDF, image, and developer ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

Indirect Injection and Multi-Modal Attacks: Poisoning the Pipeline

Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
Decrypt

Microsoft Launches MAI-Image-2 Text-to-Image Model—And It's Better Than Expected

Microsoft's AI image generator offers impressive realism and text rendering, but strict content limits and 1:1-only output ...

Dutch court rules against Grok over AI-generated 'undressing' images in rare legal rebuke

AMSTERDAM, March 26 (Reuters) - A Dutch court on Thursday ordered Elon Musk's xAI and chatbot Grok not to generate and ...