The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...
9to5Mac

OpenAI releases Codex ‘Chronicle’ feature for enhancing context, here’s how it works

Last week, OpenAI released an all-new version of Codex for Mac that includes the best example of AI-driven computer use yet. Today, Codex for Mac is taking its recently gained memory feature further ...
theregister

Next.js developer Vercel warns of customer credential compromise

Vercel, the company that created the open source Next.js web development framework, has a data leak that led to compromise of some customer credentials, and blamed an outfit called Context.ai for the ...
IEEE

Improving API Knowledge Comprehensibility: A Context-Dependent Entity Detection and Context ...

Abstract: Extracting API knowledge from Stack Overflow has become a crucial way to assist developers in using APIs. Existing research has primarily focused on extracting relevant API-related knowledge ...
marktechpost

How to Combine Google Search, Google Maps, and Custom Functions in a Single Gemini API Call ...

In this tutorial, we explore the latest Gemini API tooling updates Google announced in March 2026, specifically the ability to combine built-in tools like Google Search and Google Maps with custom ...
unaids

Decriminalization of drug use in the context of HIV: a guidance note

The decriminalization of drug use and possession for personal use, when implemented effectively, is a critical element in a human rights and public health-based HIV response. The group of countries ...
9to5Mac

Free Claude users can now use memory and import context from rivals

Anthropic is taking advantage of Claude’s recent increase in mindshare with a new memory import tool to encourage switching from competing AI chatbot systems. Claude’s memory feature is also available ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

The cybersecurity industry is on high alert following the disclosure of a critical React vulnerability that can be exploited by a remote, unauthenticated attacker for remote code execution. React ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...