The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
Cybernews

Next.js turf war heating up: Cloudflare’s vibe-coded gambit humbled by critical security bugs

Cloudflare’s experimental AI-built Next.js alternative, vinext, has been released with critical security flaws, escalating a feud with Next.js maintainer, Vercel.
Cyber Daily

12.5m impacted in major automotive marketplace breach

A data breach impacting a major online automotive marketplace has led to the data of millions of users being stolen by threat actors.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

Alabama man pleads guilty to hacking, extorting hundreds of women

A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors).
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...
Dark Reading

Bug in Google's Gemini AI Panel Opens Door to Hijacking

Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access sensitive resources ...