The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix ...

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

I’ve been following your AI Lab newsletter and really appreciate your insights on open-source AI and agent-based ...
Decrypt

OpenAI Just Open-Sourced a Tool That Scrubs Your Secrets Before ChatGPT Ever Sees Them

OpenAI has released Privacy Filter: a small, free model that masks sensitive info before you paste it into an AI chatbot.
Straight Arrow News

Sandy Hook Promise and others use anonymous tips to prevent school shootings. Hackers exposed their data

Software used for submitting anonymous tips in schools was hacked, exposing sensitive records on issues such as potential ...