The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Memeburn

OpenAI code security issue: Hackers steal internal data in 2026

OpenAI confirms a severe 2026 supply chain attack compromised internal repositories. Discover how this TanStack security ...

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
Tech Times

WordPress 7.0 Ships AI Agent Infrastructure: API Key Theft Risk Surfaces on Launch Day

WordPress 7.0 “Armstrong,” released May 20, 2026, arrived without the real-time collaborative editing feature that had been ...

Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys

WordPress 7.0 exposes AI API keys. Security researcher says there "will be an absolute rush by hackers to steal API keys" ...
CoinDesk

Vitalik Buterin outlines Ethereum's privacy measures. Here is what it means for the network and ETH

Privacy is widely seen as the necessary feature for the widespread adoption of blockchain technology. Ethereum is taking ...
CoinTelegraph

Bitcoin developer launches privacy-focused Nostr VPN using public keys

One of the earliest Bitcoin developers launched a new privacy-focused version of Nostr VPN that replaces centralized identity providers with cryptographic keys. Martti Malmi, an early Bitcoin ...
Morning Overview on MSN

Three separate supply-chain attacks hit npm, PyPI, and Docker Hub within 48 hours — all three targeted developer cloud credentials and SSH keys

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...
cybernews

Supply chain hit once again: single NPM account pushes 600+ compromised packages, used by millions

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...
Entrepreneur

What Are Trade Secrets and How to Protect Them

Trade secrets are a cornerstone in the strategic architecture of businesses, representing invaluable assets that give it a competitive edge. These could encompass formulas, practices, processes, ...
Cybernews

Google Cloud developers going bankrupt over Gemini API key abuse: hard spending caps now available

Developers are being hit with massive, unexpected charges, sometimes over $67,000, because Google’s budget alerts and fraud ...