The Hacker News

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

UK faces 'economic catastrophe' unless it adapts to young people rewired by smartphones

The UK is facing an "economic catastrophe" unless it adapts to younger generations who have grown up in a digital world, a ...

All You Need To Know About Cloudflare’s Agent Readiness Score

The Cloudflare Agent Readiness Score is a real shift. The composite number is also the wrong thing to optimize for. Here's ...
InfoQ

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Musk loses OpenAI court battle after jury finds he waited too long to sue

Jurors spent nearly a month hearing and viewing evidence in the high-profile trial, where Musk had accused Altman of ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
eWeek

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...
dw

Can the Quad stay relevant to boost Indo-Pacific security?

Foreign ministers from the United States, India, Japan and Australia — collectively known as the Quad — need to put past differences behind them if the alliance is to remain an effective means of ...
DataBreachToday

Patched OpenClaw Flaws Let Hackers Hijack AI Agents

Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by ...
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...