The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
The Hacker News

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

FAUX#ELEVATE phishing deploys stealers and miners via fake resumes, targeting enterprise systems, enabling rapid credential theft in 25 seconds.

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
TechCrunch

US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine

A mass hacking campaign targeting iPhone users in Ukraine and China used tools that were likely designed by U.S. military contractor L3Harris, TechCrunch has learned. The tools, which were intended ...
CoinDesk

Bonk.fun hacked: Domain hijacked, crypto drainer planted

The operator, known as Tom, said only users who signed a fake terms-of-service message on the compromised site after the ...
Backstage

The ‘Hacks’ Ensemble Knows How to Put on a Show

As we prepare for the 32nd Actor Awards presented by SAG-AFTRA, Backstage is breaking down this year’s film and television ensemble nominees for your consideration. The “Hacks” cast goes Hollywood on ...
PC Magazine

I Taught Myself to Use the Flipper Zero in an Hour, Then Hacked Everything in My Home

It looks like a cute little dolphin-themed toy, but the Flipper Zero is a surprisingly powerful learning tool for hacking. Here's how I mastered mine—and how you can, too. I’ve been writing about ...