Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...
Hackaday

A Modern Web Browser For Classic Mac OS

When using older computers there comes a point at which modern software drops support, as for example is happening with builds for Windows XP. Every now and then though, along comes something that ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

Fingerprint launches AI Assistant Detection to spot traffic from ChatGPT, Gemini and Claude

The first, AI Assistant Detection, gives businesses real-time visibility into traffic from major AI assistants, including ...
The Hacker News

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...

The engineer who helped build top South African technology companies, including Superbalist, MasterStart, and Yoco

Matthew Goslett’s storied career began with IRC, dial-up Internet, and a fascination with how messages travelled between ...

A scheme for housing, described between bites at a café

Inside Home 05, Mr. Beauparlant has put his decades of design experience to good use: no wasted circulation space; a warm, ...

How China keeps North Korea's economy alive

Pyongyang relies on China for 95% of its legitimate trade; hacking, arms deals and remittances also help it stay afloat.

CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.