The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Released Mandelson messages 'embarrassing', says minister, but defends government record

Lord Mandelson called No 10 "beleaguered and bereft" - while minister Pat McFadden said: "Every meeting I have is 'who can we ...

After CBSE Admits Gaps In OSM, Teen Hacker Reacts With Honey Singh's 'Dope Shope' Meme

Nisarga Adhikary, a 19-year-old hacker who claimed to have found critical vulnerabilities and data security lapses in Central Board of Secondary Education’s (CBSE) On-Screen Marking (OSM) process to ...
MIT Technology Review

The Download: AI-generated lawsuits and virtual power plants for data centers

Would it change anything if you were doing so to help power a local data center? A new project backed by Google will put ...
MIT Technology Review

The Download: Trump’s new AI order, and smart glasses for warfare

Plus: SpaceX plans to raise $75 billion in IPO at $135 per share. This is today's edition of The Download, our weekday ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
DJ TechTools

Farewell, Juno Download

Juno Download is gone. Not winding down, not on sale, just gone. Anyone who visited the site on Monday morning ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...