The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...
The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.
Yahoo Finance

Junshi Biosciences Announces NMPA Acceptance of New Drug Applications for Toripalimab Injection (Subcutaneous) Across 12 Indications

SHANGHAI, March 09, 2026 (GLOBE NEWSWIRE) -- Shanghai Junshi Biosciences Co., Ltd (Junshi Biosciences, HKEX: 1877; SSE: 688180), a leading innovation-driven biopharmaceutical company dedicated to the ...
InfoWorld

Cloudflare launches Dynamic Workers for AI agent execution

Cloudflare’s Dynamic Workers aim to simplify how enterprises execute AI-generated code, signaling a shift toward lightweight, ...

Chrome emergency update: Two attacked code-injection vulnerabilities patched

Google released an emergency update for Chrome on Friday night. It patches two security vulnerabilities that were attacked on the internet.

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech

This week’s tech news saw AI tools surge across major platforms as breaches, exploits, legal battles, and security updates ...

Xint Code Demonstrates Human-like Discovery and Prioritization of Business Logic Vulnerabilities, Analyzing Millions of Code Lines in Just Hours

Theori, a leader in offensive security research, today announced the commercial availability of Xint Code, the first completely LLM-native Static Application Security Testing (SAST) tool capable of ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
ConsumerAffairs

Consumer product safety recall roundup for March 26, 2026

This roundup covers recent consumer product recalls and public health alerts from CPSC, FDA, and USDA-FSIS. Check model ...