The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
PCMag

US Disrupts Aisuru, Botnet Behind Record-Breaking 30Tbps DDoS Attacks

In total, the operation went after four botnets, estimated to have infected millions of devices across the globe, including TV boxes, web cameras and Wi-Fi routers.
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Wired

You Can Now Install—and Update—Microsoft Store Apps Using the Command Line

I can't stand opening the Microsoft Store. It's slow to load, confusing to browse, and full of ads for things I don't care about. Luckily, thanks to a new feature, I don't have to open the Microsoft ...
eWeek

WordPress AI Assistant Puts Prompt Editing on the Menu for 40% of the Web

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
TechCrunch

Intellexa’s Predator spyware used to hack iPhone of journalist in Angola, research says

A government customer of sanctioned spyware maker Intellexa hacked the phone of a prominent journalist in Angola, according to Amnesty International, the latest case of targeting someone in civil ...
Entrepreneur

Your SEO Strategy Is Already Outdated If You’re Not Using Prompt Engineering — Here’s Why

AI advancements have shifted SEO focus to include user intent, making prompt engineering a vital tool in content optimization. Traditional SEO pillars, such as technical optimization and high-quality ...
Hosted on MSN

Dollar Tree command hook hack!

Experts clear up 'concern' over side effects of drug used by millions Anthony Albanese raises government 'concerns' with Israeli president Bunnings’ $26k solution to housing crisis ‘Far from the truth ...
CNET

The Age of Promptware: How AI Hacking Is Threatening the Smart Home, and What to Do

Prompt injections have become one of the biggest emerging threats to the modern home as AI adoption grows. It's a new era of malware -- and one that requires new defenses. Tyler Lacoma Editor / Home ...
Task & Purpose

A hacker posted a Marine vet’s health info online and bragged about it

A Tennessee man is facing prison time for hacking into a Department of Veterans Affairs health platform, accessing a Marine Corps veteran’s personal health information, and posting it on an Instagram ...