The Hacker News

Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.
TechJuice

New Chrome Zero Day Lets Hackers Run Code Through Web Pages

Google patches a critical Chrome zero day flaw under active attack, allowing hackers to execute code via malicious web pages.
The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Update now! Chrome security vulnerability is being attacked

Google has released an update for Chrome. It patches 21 security vulnerabilities. Attacks are targeting a code smuggling ...
Security Boulevard

46 Vulnerability Statistics 2026: Key Trends in Discovery, Exploitation, and Risk

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...
Network World

Telnet vulnerability opens door to remote code execution as root

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full ...
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.

Telnet: Critical vulnerability allows injecting malicious code from the network

A vulnerability in the telnetd of GNU Inetutils allows attackers from the network to inject malicious code – without prior authentication.