The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
CNBC

SEC and Elon Musk agree to settle lawsuit over Twitter buyout in 2022

The SEC and Elon Musk agreed to settle a lawsuit filed last year by the regulator against the world's richest person. Musk was sued by the SEC for allegedly violating securities law in the run-up to ...
The Guardian

Elon Musk settles SEC lawsuit over Twitter purchase and agrees to pay $1.5m fine

Musk won’t have to give up any money he allegedly saved from delaying disclosure of initial purchase of Twitter stock Sign up for the Breaking News US newsletter email Elon Musk settled the US ...
The New York Times

S.E.C. Settles Lawsuit Against Elon Musk Over His Twitter Disclosures

The agency, which has been pulling back on lawsuits against major companies, ended a case that had accused Mr. Musk of hiding his purchases of Twitter stock. He agreed to pay $1.5 million. By Cecilia ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
The Sentinel

PIAA District One baseball first-round playoff scores, roundups

The PIAA District One baseball playoffs began Monday, May 18, for Class 5A and 6A, while the smaller-school classifications start Tuesday, May 19.