The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...
The Hacker News

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now. The update to its Content Security Policy ...
Cleveland.com

14-year-old hacker stole 400,000 students’ personal information from Chagrin Falls ...

CLEVELAND, Ohio— A 14-year-old boy hacked into a Chagrin Falls company’s database and stole hundreds of thousands of students’ personal information, a lawsuit says. The teen, from the Columbus suburb ...
TechCrunch

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

A security researcher said flaws in a carmaker’s online dealership portal exposed the private information and vehicle data of its customers, and could have allowed hackers to remotely break into any ...
Infosecurity-magazine.com

Suspected XSS Forum Admin Arrested in Ukraine

A man suspected of administering the Russian-language cybercrime forum XSS was arrested in Ukraine on July 22. In an official statement on July 23, Laure Beccuau, a French State Prosecutor, said that ...
New York Post

Trump admin halts some weapons shipments to Ukraine ‘to put America’s interests first’

The Trump administration has halted the delivery of certain military firepower to Ukraine over concerns that US stockpiles were dropping too low. The White House on Tuesday confirmed that 155mm ...