The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

45 Tweets From This Messy, Messy, Messy Week In Politics

"These people are so out of touch with reality they have zero understanding of what life is like for the average American." ...

OpenAI 'Superapp' to Merge ChatGPT, Codex, and Atlas Browser

OpenAI has a Mac "superapp" in development that unifies its ChatGPT app, Codex coding platform, and Atlas browser, reports ...
Decrypt

OpenAI Plans to Merge ChatGPT, Codex and Atlas Into One 'Superapp': WSJ

OpenAI will consolidate its fragmented desktop products into a single superapp, a report claims, as rival Anthropic gains ...