New stealthy Quasar Linux malware targets software developers

A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
USA Today

OpenClawd Ships Verified Skill Screening After Security Researchers Find 12% of OpenClaw Marketplace Skills Are Malware

NEW YORK, NY (PinionNewswire) — NEW YORK, NY — (March 17, 2026) — OpenClawd AI today released a security-focused platform update that adds automated skill vetting, verified installer sourcing, and ...
Nature

CRISPR makes enhanced cancer-fighting immune cells inside mice

The powerful gene-editing technique CRISPR–Cas9 might offer a way to make safer, more effective cancer-fighting immune cells engineered inside the human body, a mouse study has found. Cancer-fighting ...
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that ...
SecurityWeek

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

Cybersecurity firms have analyzed the AI agent social network Moltbook and found a vulnerability exposing sensitive data, as well as malicious activity conducted by the bots. Moltbook emerged ...
Infosecurity-magazine.com

Vibe-Coded Moltbook Exposes User Data, API Keys and More

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...
IEEE

Enhancing Web Security Through Machine Learning-Based Feature Selection for Cross-Site Scripting (XSS) Attacks Classification

Cross-Site scripting attacks get more sophisticated, so their protection becomes tough under web application security. XSS is also one of the major vulnerabilities that hackers use to inject malicious ...
GitHub

Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Redmond Magazine

Microsoft Locks Down Entra ID Authentication with Script Injection Blocking

Microsoft is tightening security around its Entra ID sign-in process by blocking external script injection, a move that could force some orgs to rethink their browser extension strategies. The update, ...
Bleeping Computer

Microsoft to secure Entra ID sign-ins from script injection attacks

Microsoft plans to enhance the security of the Entra ID authentication system against external script injection attacks starting in mid-to-late October 2026. This update will implement a strengthened ...
Windows Report

Microsoft to Block External Script Injection in Entra ID Sign-In for Stronger Security

Microsoft has announced that it’s working on a major security update for Entra ID that will block external script injection during authentication. As part of its Secure Future Initiative, the company ...