The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

The next big car threat is an AI backdoor you can’t detect

Georgia Tech researchers discovered VillainNet, a dormant AI backdoor that lets hackers hijack self-driving cars with 99% success while remaining invisible to current security tools.
Make Tech Easier

Malware Ridden Fake CAPTCHAs Make Me Hate CAPTCHAs Even More

Is that CAPTCHA you just encountered real? Find out how fake CAPTCHAs are installing hidden malware and how to stay safe.

Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

ATMs are getting hacked the old-fashioned way: with keys and USB drives

Banks across the United States are grappling with a wave of physical malware attacks on their ATMs, according to a new cybersecurity alert from the Federal ...
TalkEsport

R6 Siege Hackers Can Now Control What You See

Is your screen being flooded with images in R6? Learn how the Rainbow Six Siege image hack works, why streamers are at risk, ...
Computing

European Commission breached - investigating mobile hack

The European Commission is investigating a data breach after finding evidence of a cyberattack against its mobile ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: ...