The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...

Artemis II blasts out of Earth's orbit... and heads to the Moon

Artemis II is now on a looping path that will carry the crew around the far side of the Moon and back again. It is the first ...

Overland Park insurance broker gets delisting warning from NYSE

Preview this article 1 min The insurance sales agency received the notice on March 19. Company officials say they have strong liquidity and plan to maintain their listing. SelectQuote's stock plummets ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

High above Earth, Artemis II crew prepare to thrust on to the Moon

After a spectacular launch the astronauts are preparing for a high-stakes engine burn out of Earth's orbit.

How Cloudflare’s Dynamic Workers Make Serverless Sandboxes 100X Faster

Discover the architecture behind Cloudflare's Dynamic Workers. Learn how they eliminate cold starts and make serverless sandboxes 100x faster for developers.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...