The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

After exclusively sharing details with 9to5Mac last September on ModStealer, a cross-platform infostealer invisible to every major antivirus engine ...

Codex is OpenAI’s agentic experience for software developers and it’s getting a major update today that makes it useful ...

Vibe coding is great for quick prototypes but a disaster for security. Treat AI apps as disposable sketches, then have real engineers rebuild them for production.

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the ...

The ides of security March are upon us — Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and Kubernetes as an ...

Waterloo PhD student Wei Wei, who led the research – credit, University of Waterloo, released Researchers at the University of Waterloo have discovered a way to turn plastic waste into acetic acid, ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

OpenClaw's rapid rise highlights growing interest in AI agents beyond chatbots. Its open-source design has accelerated adoption from Silicon Valley to China. Moltbook adds to OpenClaw’s buzz by giving ...