The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

The £5,000 British sex cruise setting sail — with tantra, lube and no single men

This spicy cruise sets sail today, but what does it involve? (Picture: Killing Kittens) Want to embrace your sexual side in ...
Cryptopolitan

Attackers trojanized Arweave’s WeaveDB npm package to deploy malware

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...
Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
ITmedia

Anthropic、JavaScriptランタイム「Bun」を買収 「Claude Code」は10億ドル ...

米Anthropicは12月3日(現地時間)、JavaScriptランタイム「Bun」を手掛ける米Bunを買収すると発表した。買収金額など具体的な条件については公表されていない。同時に、AIコーディングアシスタント「Claude Code」が一般提供から約6カ月で、年間経常売上高ベース ...