Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
The Next Web

A single click on a Microsoft link could have drained your inbox. Here’s how SearchLeak worked.

Varonis chained three bugs in Microsoft 365 Copilot Enterprise Search into a one-click data theft path that bypassed phishing filters and CSP protections.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
thecyberexpress

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

A critical Ghost CMS vulnerability identified as CVE-2026-26980 has been exploited in a widespread cyber campaign that compromised more than 700 websites, including platforms associated with major ...
GitHub

A lightweight, single-binary JS renderer for JavaScript SPAs and SSR sites, where startup latency (milliseconds vs. 1-2 seconds) and memory footprint (~10 MB vs. ~300 MB ...

rakers renders JavaScript into HTML. Give it an HTML file, a URL, or a bare JS script and it returns the post-execution HTML — including content rendered by React, Vue, Angular, Svelte, Preact, ...