The Hacker News

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...
Morning Overview on MSN

OpenAI asks all macOS users to update immediately after the TanStack attack forced the company to rotate its code-signing certificates

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...
KXAN

Malaysia says Iranian oil transfers near its waters exploit a maritime loophole

KUALA LUMPUR, Malaysia (AP) — Malaysia ’s maritime agency says Iranian-linked tankers are exploiting “jurisdictional gaps” to conduct ship-to-ship transfers of sanctioned oil near its waters, ...
WREG

Google disrupts hackers using AI to exploit an unknown weakness in a company’s digital defense

Google said Monday that it had disrupted a criminal group’s attempt to use artificial intelligence to exploit another company’s previously unknown digital vulnerability, adding to heightened worries ...
thetechedvocate.org

North Korean Hackers Exploit Axios NPM Package in Major Supply Chain Attack

The attack has raised significant concerns about the security of open-source software repositories, particularly those that house libraries and packages relied upon by millions of applications ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

SUNNYVALE, Calif., March 31, 2026--(BUSINESS WIRE)--Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today highlighted growing security risks for enterprises relying ...
IT News For Australia Business

Apple patches 'Coruna' exploit

Apple has backported patches for iOS 15 and 16 devices just this week, with iOS 15.8.7 and iOS 16.7.15 released to address the kernel and WebKit vulnerabilities associated with Coruna for devices that ...
Security Boulevard

Slopsquatting: How Attackers Exploit AI-Generated Package Names

AI coding assistants can hallucinate package names, creating phantom dependencies that don’t exist in official repositories. Attackers exploit this predictable behavior through slopsquatting, which ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
VentureBeat

MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot

The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. The ...