The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
CSO Online

Old Docker authorization bypass pops up despite previous patch

A 10-year-old issue involving Docker Engine and the AuthZ authorization plug-in lives again to enable attackers to gain ...
WinBuzzer

Microsoft April 2026 Patch Tuesday Fixes 167 Flaws, 2 Zero-Days

Microsoft has fixed 167 vulnerabilities in its April 2026 Patch Tuesday update, including an actively exploited SharePoint ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...
SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Threat actors can extract Google API keys embedded in Android applications to gain access to Gemini AI endpoints and ...
Infosecurity Magazine

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform.

Visualping Expands API Access for All Users Across Every Plan

Visualping, the world's leading website change detection platform used by teams at 85% of Fortune 500 companies, has ...

Google Ads API to require multi-factor authentication

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...
Yahoo Finance

North American Niobium Receives Key Seigneurie Authorization

Vancouver, British Columbia, March 26, 2026 (GLOBE NEWSWIRE)-- North American Niobium and Critical Minerals Corp. (CSE: NIOB) (FSE: KS82.F) (OTCQB: NIOMF) (North American Niobium or the Company) is ...
Hosted on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain sight, potentially exposing access to services from cloud platforms to payment ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...