A Glimpse into the “Search Your Target” Market for Stolen Credentials

Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how ...
The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
PCMag

I Traced My Leaked Email Address to the Dark Web. Here's How It Got There

After AI-powered scams overwhelmed my inbox, I investigated how my email address ended up on the dark web—and discovered the ...
Tech Times

Embodied AI World Models Attracted $6 Billion, But the LLM Parallel May Not Hold

Embodied AI world models drew $6 billion in Q1 2026 alone, but new analysis from Fusion Fund investors argues the LLM scaling ...

24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data

Cybernews researchers found an exposed database with 24 billion credential records, raising fresh risks from password reuse ...
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
The Hacker News

Free Apps Are Turning Smart TVs Into Web-Scraping Proxies for AI

A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how, with the user's consent, it can turn devices, including always-on smart TVs, into exit ...
TechCrunch

The token bill comes due: Inside the industry scramble to manage AI’s runaway costs

Across the industry, companies are starting to balk at the price of AI. Uber blew through its entire 2026 AI coding budget by April. Microsoft revoked its developers’ Claude Code licenses months after ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible ...
Ars Technica

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

In April, GitHub announced that it was moving subscribers from request-based billing to a usage-based model for its AI-powered Copilot service. As that new pricing model goes into effect today, many ...
Crypto Briefing

Cardano partners with Token Terminal to enhance onchain data access

Cardano now has its own dedicated section on Token Terminal, the analytics platform that institutional investors and developers use to compare blockchain networks the way stock screeners compare ...
TechCrunch

Coders are refusing to work without AI — and that could come back to bite them

In 2026, you cannot pry AI coding tools out of developers’ vise grip, researchers have discovered. But while AI is undoubtedly helping coders produce code faster, it may not be producing better code, ...