The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

What Happens in the First 24 Hours After a New Asset Goes Live

When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Search Engine Land

Merchant API lands in Google Ads scripts ahead of Content API sunset

Google is pushing advertisers toward a more modern, scalable infrastructure for Shopping integrations—bringing new capabilities (including AI tools) directly into scripting workflows. What’s happening ...