The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
Decrypt

You Installed Hermes. Now Make It Look Better Than ChatGPT or Claude

The terminal is fine. But if you actually want to live in your Hermes agent, here are the four best GUIs the community has ...
Dark Reading

DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
CSO Online

Critical Cursor bug could turn routine Git into RCE

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

This Windows 11 app promises free, modern, and efficient system cleaning for your PC

If you are running out of space on your computer and want to reclaim some storage, optimize your computer, and get some extra ...
WeLiveSecurity

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...
Hosted on MSN

Microsoft details 2026 OneDrive overhaul with Copilot AI tools

Microsoft has unveiled its 2026 OneDrive roadmap, highlighting deeper Copilot AI integration, expanded file support, and smarter sharing tools. The update positions OneDrive as a central productivity ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...