A new study suggests that even the most extreme exoplanets might not be entirely inhospitable.
Get the latest international news and world events from around the world.
New Torg Grabber infostealer malware targets 728 crypto wallets
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets.
Initial access is obtained through the ClickFix technique by hijacking the clipboard and tricking the user into executing a malicious PowerShell command.
According to researchers at cybersecurity company Gen Digital, Torg Grabber is actively developed, with 334 unique samples compiled in three months (between December 2025 and February 2026) and new command-and-control (C2) servers registered every week.
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Construction, non-profits, real estate, manufacturing, financial services, healthcare, legal, and government are some of the prominent sectors targeted as part of the campaign.
“What also makes this campaign unusual is not just the device code phishing techniques involved, but the variety of techniques observed,” the company said. “Construction bid lures, landing page code generation, DocuSign impersonation, voicemail notifications, and abuse of Microsoft Forms pages are all hitting the same victim pool through the same Railway.com IP infrastructure.”
Device code phishing refers to a technique that exploits the OAuth device authorization flow to grant the attacker persistent access tokens, which can then be used to seize control of victim accounts. What’s significant about this attack method is that the tokens remain valid even after the account’s password is reset.
GitHub adds AI-powered bug detection to expand security coverage
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks.
The developer collaboration platform says that the move is meant to uncover security issues “in areas that are difficult to support with traditional static analysis alone.”
CodeQL will continue to provide deep semantic analysis for supported languages, while AI detections will provide broader coverage for Shell/Bash, Dockerfiles, Terraform, PHP, and other ecosystems.
PolyShell attacks target 56% of all vulnerable Magento stores
Attacks leveraging the ‘PolyShell’ vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.
According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after public disclosure.
“Mass exploitation of PolyShell started on March 19th, and Sansec has now found PolyShell attacks on 56.7% of all vulnerable stores,” Sansec says.
KRAShing pancreatic cancer before takeoff
Drugs that inhibit KRAS signaling delay the development of pancreatic cancer in mice.
Learn more in a new SciencePerspective.
Benjamin G. Neel and Anirban Maitra Authors Info & Affiliations
Science.
Glioblastoma Growth Mechanism Identified, Pointing to Potential Therapeutic Targets
Ruhi Polara, PhD, who led the research alongside Robinson, further commented, “Essentially, CD47 is shielding ROBO2, allowing it to accumulate and drive tumor progression. When we remove CD47, ROBO2 is degraded, and the cancer cells lose their ability to grow and invade effectively.”
The findings reveal a previously unknown molecular pathway—CD47–ITCH–ROBO2—that controls how glioblastoma cells behave. This opens up new possibilities for treatment strategies that go beyond current approaches. While therapies targeting CD47 are already being tested in clinical trials for other cancers, they have shown limited success in glioblastoma so far. The new research suggests that directly targeting the CD47–ROBO2 pathway, or disrupting the stabilisation of ROBO2, could be a more effective strategy. “In summary, our study reveals a role of CD47 in regulating cellular plasticity suggesting that targeting ROBO2 could offer a promising alternative therapeutic strategy for GBM,” they stated.
“By understanding this mechanism, we now have new targets to explore,” Polara said. “This could lead to the development of therapies that specifically block the tumor’s ability to spread, which is one of the biggest challenges in treating glioblastoma.”
New ultra-fast particle detector could help unmask dark matter
The CMS experiment at CERN is building a new detector that will unravel the chaotic particle collisions at the Large Hadron Collider, helping scientists identify particles based on their speeds.
What if Olympic officials could record sprinters’ times only to the nearest minute? “We would know who started the race, and who finished the race, but that’s it,” said Bryan Cardwell, a postdoctoral researcher at the University of Virginia. “There’s no way to know who arrived first and who arrived last.”
Cardwell and his colleagues on the CMS experiment are currently tackling a similar problem. The CMS experiment records the tracks and properties of subatomic particles created by the Large Hadron Collider, the world’s most powerful particle accelerator. As it stands, physicists get a picture of all the particles produced in a collision, but they have insufficiently detailed information about when the particles were produced or how fast they were traveling, making it difficult to tell them apart.