The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Arabian Post

InvisibleFerret shift raises developer risks

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
cybernews

Microsoft ditches SMS codes for sign-in, says there’s a more secure way to reach your accounts

Text-based codes can be intercepted by hackers who use SIM swapping attacks to redirect a victim's phone number to their own device. Passkeys are a safer option because biometric data stays on a ...

Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and security checks needed.