The Hacker News

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...
MSN on MSN

6 projects I’ve already built with my $15 Raspberry Pi Zero 2W

For such an inexpensive, tiny little SBC, it certainly gives me a lot of fun and assistance in a number of projects ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one ...
AllAfrica.com

Nigeria: Oyetola, Others to Discuss Green Ports, Dockworkers' Welfare At 2026 Scan Day

The Minister of Marine and Blue Economy, Adegboyega Oyetola, immediate past President-General of the Maritime Workers Union of Nigeria(MWUN), Adewale Adeyanju, and President of the Nigerian Chamber of ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Euronews

Hackers are using AI to find security flaws no scanner can catch, Google warns

For the first time, hackers have used artificial intelligence to find and exploit a security flaw that no automated scanner would have caught – and Google says only its own active monitoring stopped a ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...