The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Research reveals how these simple Chrome extensions are hawking your privacy

Research shows that even simple Chrome extensions can quietly invade user privacy, with some hijacking clipboards, ...
PCMag

Pornhub Is Now Blocked in 23 States and 2 Countries. How to Watch Anyway

To protest age-verification laws, Pornhub is blocked in the US, France, and, effective Feb. 2, the UK. Here's how we got here, and how VPNs can help you continue watching.