ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Oscar statuette for Mr. Nobody Against Putin is found after going missing on flight

Director Pavel Talankin had been forced to check the award into hold luggage after TSA agents told him it posed a potential ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Two Canadians among activists detained after Israel intercepts Gaza aid flotilla

A flotilla organizer from Montreal says two Canadians were detained by Israel after the boats they were sailing on were ...

When can landlords increase rent? Can I get a cat? Your questions answered on renters' rights changes

Most of today's changes apply in England only, including new rules on pets, ending no-fault evictions and fixed-term tenancy ...
Queerty

“Do you wanna move to the bed?”: Breaking the “right guy” myth one bad hookup at a time

The following is an excerpt from "Pretty," a fierce memoir about queerness, masculinity, and race, by Lambda Literary ...
Security Boulevard

10 Warning Signs Your Current Authentication Stack Is a Breach Waiting to Happen

Run a quick self-audit against 10 warning signs that your authentication stack has critical vulnerabilities. Each sign includes a diagnostic check, an explanation of why it's dangerous, and a concrete ...
WinBuzzer

Zig Reinforces LLM Contribution Ban As Anthropic-Owned Bun Forks 4x Gain

The Zig Software Foundation has reinforced its blanket ban on LLM-authored issues and pull requests, and Bun’s 4x Bun-compile ...
Arabian Post

ClickUp email exposure raises SaaS alarm

A hardcoded API key embedded in ClickUp’s public website exposed 959 corporate and government email addresses and more than 3 ...

2026 Kentucky Derby: Early odds after post positions are revealed

The field of 20 elite horses for the 2026 Kentucky Derby is set. Here are the latest odds after the post position draw.
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...