The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts

Zip launches AI superagents and procurement-focused MCP tools to help enterprises automate purchasing, govern ChatGPT and ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...

New phishing scam targets Microsoft Outlook and Teams users

The FBI is warning Microsoft 365 users about a new scam that steals digital keys to hack your Outlook or Teams without a ...
Unite.AI

Willem Delbare, Co-Founder and CEO of Aikido – Interview Series

Willem Delbare, Co-Founder and CEO of Aikido, is a serial SaaS entrepreneur and technical founder with a strong background in building developer-focused software companies. Before launching Aikido in ...

Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk

Apple’s 2026 security year includes zero-days, iPhone exploit kits, WebKit fixes, and background patches that users and IT ...
NPR

Ukraine invasion — explained

The roots of Russia's invasion of Ukraine go back decades and run deep. The current conflict is more than one country fighting to take over another; it is — in the words of one U.S. official — a shift ...