The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

The Silent Heist: How the ‘TrapDoor’ Campaign is Hijacking Crypto and AI Developers

The security platform Socket has recently discovered an enormous worldwide malware operation that has been dubbed "TrapDoor".
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...
Le Lézard

Palabra.ai (Real-Time AI Voice Translator) Hits $1M ARR -- Grows 17x in Six Months

Palabra.ai, the real-time AI voice translator backed by Seven Seven Six, has crossed $1 million in annual run rate, growing ...

4 internet browsers that power users swear by in 2026

Unhappy with the default internet browser choices on your computer or mobile device? Consider these four options often ...
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And More Linux Vulnerabilities

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...
CoinGabbar

Fake Uniswap Google Ads — $400K Stolen in Phishing Scam 2026

Fake Uniswap Google ads stole over $400K from crypto users in May 2026. SEAL blocked 356 malicious URLs. Here is how the scam ...

The Best Browser Extensions to Get More Out of YouTube

Over the years, YouTube has added a bunch of extra features to improve the viewing experience for its users, but you can ...
SecurityWeek

GlassWorm Botnet Disrupted

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.
InfoWorld

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
Times-News

US stocks inch to more records after oil prices drop

U.S. stocks inched to more records after oil prices fell back to where they were in mid-April. The S&P 500 edged up by less ...