The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Kiteworks Launches Compliant AI—the Industry’s First Data-Layer Compliance Solution for AI Agent Governance

Solution enforces ABAC, encryption, and audit logs for every AI agent interaction with regulated data—independent of ...

Claude Code vs OpenAI Codex: Which AI Coding Assistant is best for Windows Developers?

Which AI Coding Assistant is best for Windows Developers? Claude Code or OpenAI Codex? If you are a programmer, go through ...

The Cloud Native Stack Finally Gets a Governance Layer: Meshery v1.0 Launches at KubeCon EU

General availability of Meshery v1.0 arrives as AI-generated infrastructure configurations accelerate faster than human ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...

CISA orders feds to patch DarkSword iOS flaws exploited attacks

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit.

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
Cryptopolitan on MSN

GhostClaw targets developers to extract crypto wallet access

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.