The Hacker News

Session Cookie Theft: You Showed Your ID at the Door. But Someone Else Has Your Room Key

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

Headless 360: Salesforce's latest pitch to let AI do the dev work

Salesforce has introduced what it calls Headless 360 at its developer event TDX, which starts today in San Francisco, ...
9to5Google

Google previews I/O 2026 sessions: What’s new in Android, AI, more

With I/O 2026 a month away, Google has posted the initial sessions list. The developer conference runs from May 19-20.

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...

Google Chrome adds infostealer protection against session cookie theft

Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block ...
SecurityWeek

Google Rolls Out Cookie Theft Protections in Chrome

Google’s Device Bound Session Credentials in Chrome protect against session cookie theft by binding authentication to the ...

The best dedicated web hosting of 2026: Expert tested and reviewed

Discover my picks for the top dedicated web hosting providers, with detailed insights on performance, security, and ...

Google Brings New 2FA Theft Protection To Chrome For Windows Users

Windows users now get new Chrome browser protection against 2FA bypass attacks, Google has announced. Here’s what you need to ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
PC Magazine

The Best Website Builders for 2026

Want to build a website with minimal cost and effort? The best website builders we've tested include useful tools for quickly creating attractive, well-designed pages for blogs, online businesses, and ...