The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
Security Boulevard

Purchase order attachment isn’t a PDF. It’s phishing for your password

An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that quietly sent passwords and ...

Inside OpenAI’s fast-growing Codex: The people building the AI that codes alongside you

Insiders reveal how OpenAI’s rapidly growing coding agent works, why developers are delegating tasks to it, and what it means ...

Is It Too Late To Consider Amprius Technologies (AMPX) After Its Recent Share Price Surge

If you are trying to work out whether Amprius Technologies is attractively priced or already baking in a lot of optimism, you are in the right place for a clear look at what the current share price ...
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.