The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Macworld

Marvel at over 250 fixes and improvements coming in the Apple updates this fall

Macworld reports that Apple’s fall updates will deliver 263 fixes and improvements across iOS, iPadOS, macOS, watchOS, and ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

企業Webサイトの改ざんリスクを緊急点検するサービスを期間限定で ...

情報漏えいIT対策などセキュリティに特化したサービスを提供する株式会社ブロードバンドセキュリティ(本社:東京都新宿区、代表取締役社長:滝澤貴志、以下 BBSec)は、企業Webサイトに組み込まれた外部スクリプトの通信先ドメインを可視化し、悪性ドメインの混入やドメイン乗っ取りリスクを早期に検知する「外部スクリプトURL監視サービス」を提供しています。 このたび、2026年5月以降に外部スクリプトを起 ...
TidBITS

All 264 Items on Apple’s WWDC26 “Sweating the Details” Slide

At WWDC26, Apple flashed a slide listing hundreds of small refinements coming to OS 27. We captured, OCRed, and categorized every item so you can actually read everything that Apple included.