latesthackingnews.com

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
GitHub

Vectra: a local vector database

Vectra ships an llms.txt file that gives coding agents everything they need to integrate Vectra into your project. Point your agent at it and let it do the work: Read ...
The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...
GitHub

Open Asset Import Library (assimp)

APIs are provided for C and C++. Various bindings exist to other languages (C#, Java, Python, Delphi, D). Assimp also runs on Android and iOS. Additionally, assimp features various mesh ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...