The Hacker News

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft released fixes for SharePoint remote code execution vulnerability CVE-2026-45659 with a CVSS score of 8.8.
Arabian Post

Laravel-Lang breach exposes Composer supply chain risks

Hackers have compromised the Laravel-Lang open-source ecosystem, turning trusted PHP localisation packages into a vehicle for credential theft and remote code execution across developer machines and ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Morning Overview on MSN

LiteLLM just fell to a full-chain Pwn2Own exploit combining SSRF and code injection — researchers took full system control

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...
TechRepublic

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google Calendar events. A newly disclosed flaw in Anthropic’s Claude Desktop Extensions ...