The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Reuters

Patients scramble to find estrogen patches as shortage worsens after US FDA champions use

Easing safety warnings, shift in sentiment toward HRT trigger sharp increases in use Patients report pharmacy-hopping and dose changes Manufacturers say complex production limit rapid scale-up April 9 ...
Hosted on MSN

Patch AM: API Heritage Festival and 11 more events

Greetings Novi! Your go-to source for what's happening in town is here. Stay in the loop and read on. ☕️️ Coming up on the calendar: ... and check out 4 more events on the calendar! Today's riddle: ...
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.