The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Windows Report

Visual Studio Code Adds More Autonomous AI Workflows and Cross-Device Agent Sessions

Visual Studio Code 1.124 brings more autonomous AI agents, cross-device session support, browser history, and new enterprise controls.
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
XDA Developers on MSN

These open-source tools do what Claude charges for, and some do it better

Your wallet is going to love this list ...

Mistral Vibe: Trying out the new agentic Work and Code interfaces

French AI manufacturer Mistral renames the user interface of its LLM models, stepping into the agentic era of AI applications. Moving away from a purely chat-focused interface towards a central ...
Virtualization Review

Hands-On Lab: Turning PowerShell Scripts into Tools Worth Sharing

Learn how to transform everyday PowerShell one-liners and batch scripts into advanced functions with validation, pipeline support and help. Understand how to organize reusable code into modules with ...
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of ...
Infosecurity-magazine.com

Fake Claude Code Page Pushes PowerShell Stealer at Devs

A previously undocumented information stealer has been distributed through fake Claude Code installation pages, hijacking Chromium browsers to bypass App-Bound Encryption and exfiltrate cookies, ...