Checkmk: Highly risky cross-site scripting flaw in network monitoring software

The developers have released updated Checkmk versions. They close a at least highly risky cross-site scripting vulnerability.
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Trump says US took 'last best chance' to hit Iran, as Lebanon reports 52 killed in Israeli strikes

The Israeli military says strikes on Beirut and parts of southern Lebanon are a response to attacks on northern Israel by Iran-backed Hezbollah.

Bournemouth 1-1 Sunderland - the fans' verdict

Geoff: On paper, it should have been 90 minutes of attacking football. Sunderland forgot to read the script, but were ...

What did Trump say in his first live remarks since Iran attack?

BBC's Sarah Smith was inside the room as the US president mostly stayed on script while speaking at a White House event.
Infosecurity Magazine

ClawJacked Bug Enables Covert AI Agent Hijacking

Oasis Security reveals how a new ClawJacked vulnerability could allow attackers to silently take over a victim’s OpenClaw ...