The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
latesthackingnews.com

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
Reuters

US importer files class action against indicted shipping container manufacturers

WASHINGTON, June 3 (Reuters) - A U.S. importer has filed a class action in federal court against the world's largest shipping container manufacturers, accusing them of conspiring ‌to fix prices in a ...
GitHub

TypeScript Remove (tsr) is a utility that removes unused code from TypeScript projects – It's like tree shaking, but for source files

tsr statically analyses your TypeScript project like how tree-shaking is implemented in bundlers. Run tsr to get a list of unused exports and files (modules) in your TypeScript project. Use tsr in ...
law.nyu.edu

Family Defense Clinic files landmark class action over unlawful child removals

A coalition of legal advocates, including NYU Law's Family Defense Clinic filed a major class action against New York City’s Administration for Children's Services (ACS) on Thursday, May 28, ...