The Hacker News

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk.
SecurityWeek

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites, including major brands and government services, were hit in an ongoing mass-defacement campaign.

1 in 85: The cocaine-positive truck driver turned pretend SAP cleared 1,000 drug violations

How a cocaine-positive truck driver exploited a federal self-certification loophole to clear 1,000 prohibted Clearinghouse violations The post 1 in 85: The cocaine-positive truck driver turned ...

OpenAI 'Superapp' to Merge ChatGPT, Codex, and Atlas Browser

OpenAI has a Mac "superapp" in development that unifies its ChatGPT app, Codex coding platform, and Atlas browser, reports ...