The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Experts exploited an XSS flaw in StealC’s admin panel, exposing operator sessions, system details & stolen cookies without ...

The Tea App Is Back With a New Website

Months after major data leaks, the app where women leave Yelp-style reviews about men is relaunching with a new website. It’s ...

StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware ...

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026.
The Information

Anthropic and OpenAI’s Coding Tools Produce Websites with Security Flaws

Websites created through coding tools from OpenAI, Anthropic, Cursor, Replit and Devin have security flaws, new research ...