Aggregator

Labour lost its majority on Tameside council, the authority which includes the former deputy prime minister's Greater Manchester constituency.

Zoë Garbett was able to take the Hackney mayoralty for the Greens with 35,720 votes, leaving Labour incumbent Caroline Woodley with just 26,865.

It’s not just gas prices skyrocketing. Frontier-model pricing keeps climbing too

The 35-year-old suffered head wounds after allegedly turning aggressive and trying to harm himself during a party at a £200-a-night Majorcan villa he was renting.

The Trump administration released the first batch of the long-awaited UFO files on Friday, publishing several hundred previously unseen photographs and videos.

mrspoonsi shares a report: Dirty Frag is a vulnerability class, first discovered and reported by Hyunwoo Kim (@v4bel), that can obtain root privileges on major Linux distributions by chaining the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability. Dirty Frag extends the bug class to which Dirty Pipe and Copy Fail belong. Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is very high. Because the embargo has been broken, no patch or CVE currently exists. "As with the previous Copy Fail vulnerability, Dirty Frag likewise allows immediate root privilege escalation on all major distributions, and it chains two separate vulnerabilities," Kim said. Detailed technical information can be found here. BleepingComputer notes that the two vulnerabilities chained by Dirty Frag are "now tracked under the following CVE IDs: the xfrm-ESP one was assigned CVE-2026-43284, and the RxRPC isye is now CVE-2026-43500."

Read more of this story at Slashdot.

Rhian Sugden showcased her incredible figure in a plunging swimsuit as she took to Instagram on Thursday, 16 years after her 'sexting scandal' with Vernon Kay.

The polls have closed and the counting has begun. By later today, we will know just who has come out on top in the Scottish elections as the results start dropping in...

House prices have fallen for a second month in a row as the Iran war hits confidence and drives up mortgage costs.

Instead of tackling expenditure, Labour has added to it. And the ultimate guardian of Britain's fiscal fate, the gilts market, is now a playground for hedge funds.

New Jersey health officials are monitoring two state residents who have potentially been exposed to hantavirus aboard a ship contending with an outbreak that has killed three.

Declassified FBI files have reignited theories about secret Nazi UFO programs during WWII. The documents claim the regime developed saucer-shaped aircraft.

In January her husband Brooklyn, 27, said he did not want to reconcile with his mother and father and claimed his parents and his siblings Romeo, 23, Cruz, 21, and Harper, 14, are 'performative'.

The Government has responded to calls to increase everyone's personal allowance from £12,750 to £18,000 after a petition was launched.

Ridden by Ryan Mania and trained by Sue Smith, the horse rose to fame when it claimed victory in the sport's most famous race 13 years ago. The 66-1 outsider ran clear and won by nine lengths.

Not just for hated US Presidents, now even tech bros lament their foes

An anonymous reader quotes a report from Wired: Security researcher Dor Zvi and his team at the cybersecurity firm he cofounded, RedAccess, analyzed thousands of vibe-coded web applications created using the AI software development tools Lovable, Replit, Base44, and Netlify and found more than 5,000 of them that had virtually no security or authentication of any kind. Many of these web apps allowed anyone who merely finds their web URL to access the apps and their data. Others had only trivial barriers to that access, such as requiring that a visitor sign in with any email address. Around 40 percent of the apps exposed sensitive data, Zvi says, including medical information, financial data, corporate presentations, and strategy documents, as well as detailed logs of customer conversations with chatbots. "The end result is that organizations are actually leaking private data through vibe-coding applications," says Zvi. "This is one of the biggest events ever where people are exposing corporate or other sensitive information to anyone in the world." Zvi says RedAccess' scouring for vulnerable web apps was surprisingly easy. Lovable, Replit, Base44, and Netlify all allow users to host their web apps on those AI companies' own domains, rather than the users'. So the researchers used straightforward Google and Bing searches for those AI companies' domains combined with other search terms to identify thousands of apps that had been vibe coded with the companies' tools. Of the 5,000 AI-coded apps that Zvi says were left publicly accessible to anyone who simply typed their URLs into a browser, he found close to 2,000 that, upon closer inspection, seemed to reveal private data: Screenshots of web apps he shared with WIRED -- several of which WIRED verified were still online and exposed -- showed what appeared to be a hospital's work assignments with the personally identifiable information of doctors, a company's detailed ad purchasing information, what appeared to be another firm's go-to-market strategy presentation, a retailer's full logs of its chatbot's conversations with customers, including the customers' full names and contact information, a shipping firm's cargo records, and assorted sales and financial records from a variety of other companies. In some cases, Zvi says, he found that the exposed apps would have allowed him to gain administrative privileges over systems and even remove other administrators. In the case of Lovable, Zvi says he also found numerous examples of phishing sites that impersonated major corporations, including Bank of America, Costco, FedEx, Trader Joe's, and McDonald's, that appeared to have been created with the AI coding tool and hosted on Lovable's domain. "Anyone from your company at any moment can generate an app, and this is not going through any development cycle or any security check," Zvi says. "People can just start using it in production without asking anyone. And they do."

Read more of this story at Slashdot.

Saffron Cole-Nottage, 32, died on February 2, 2025, after falling head-first while walking her dog with her daughter on The Esplanade in Lowestoft, Suffolk.

The Trump administration's explosive UFO files contained some of the most shocking documents of unidentified phenomena on Earth and in outer space to date.

Pope Leo XIV has become an unexpected social media star and has been hailed as a 'style icon' thanks to his very bold fashion choice.