Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...
The Verge

OpenAI responds to Axios HTTP hack by updating security certificates.

When hackers got access to an account belonging to the maintainer of Axios, they inserted a script that granted remote access to users’ Windows, macOS, and Linux devices. This malicious version ...
GitHub

reddit_rankings_backup.html

.rank-1-5 .rank-badge { background: linear-gradient(135deg, #10b981, #059669); color: white; } .rank-6-15 .rank-badge { background: linear-gradient(135deg, #f59e0b, # ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. "A purpose ...