The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed denial-of-service (DDoS) botnet known as Kimwolf . In ...

バルテス、リンクウィズにおける「T-DASH」活用事例を公開

~目視確認から脱却し、テスト工数75%削減と1人運用体制を実現~ ...
クラウド Watch

拡張機能が開発者のマシン上の全てにアクセス GitHubを揺るがした ...

開発者が日常的に使うツールが、最も危険な侵入口になった。GitHubの内部リポジトリが5月18日、不正アクセスを受け、2日後にハッカーグループ「TeamPCP」が、盗んだソースコードをサイバー犯罪フォーラムに売りに出した。侵入口となったのはVS Code拡張機能だ。開発者ツールを悪用した連鎖攻撃で、既存のセキュリティツールでは検知できない“ゼロCVEの死角”を突く――。新しい攻撃の形が、開発者エコ ...
How-To Geek on MSN

You're using Excel wrong if you're still manually cleaning data—Python does it for you in ...

Save your clicks with a few lines of Python code.

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
MacStories

Introducing Shortcuts Playground: Create Apple Shortcuts with Claude Code or Codex

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
How-To Geek on MSN

How I turned an old Kindle into an e-ink portable monitor

My ancient Kindle refuses to go quietly.

Netflixが2026年もJavaを選ぶ理由——アーキテクチャ・AI活用・新JDK ...

こんにちは。エンジニアの直也です。 YouTube「直也テック」でプログラミング教育、Webセキュリティ動画を作っています。 JavaOne 2026で発表された本セッションは、Netflixでプラットフォームエンジニアリングを担うPaul ...
The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and latest cybercrime trends ...