The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.

Google Chrome Snuck A 4GB AI Model Onto Computers – Here's How To Remove It (For Now)

Learn how to remove the Google Chrome 4GB AI model. We explain how to disable the Gemini Nano weights.bin file and delete ...
HME News

FTC settles with Express Scripts on agreement to change PBM practices

WASHINGTON – The Federal Trade Commission (FTC) has secured a landmark settlement with one of the nation’s largest pharmacy benefit managers (PBMs), Express Scripts, Inc., and its affiliated entities ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...