The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...
SecurityWeek

Critical GitHub Vulnerability Exposed Millions of Repositories

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

GitHub will start charging Copilot users based on their actual AI usage

GitHub has announced that it will be shifting to a usage-based billing model for its GitHub Copilot AI service starting on ...

Visual Studio April update adds autonomous cloud agents and a new debugger agent

Microsoft is making Visual Studio more agentic. New tools handle remote coding tasks and analyze live app behavior to find ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
Security Boulevard

SAML vs OIDC vs OAuth 2.0: 12 Differences Every B2B Engineering Team Should Know

Choosing between SAML, OIDC, and OAuth 2.0? Explore 12 critical differences to help your B2B engineering team select the right authentication protocol today.
Every

Mini-Vibe Check: Claude Design Isn’t for Designers—Yet

Anthropic recently launched Claude Design, a web-based tool that lets you feed Claude a GitHub repo, Figma file, or brand kit ...

Tiiny Host Gives AI Agents the Power to Publish Anything Online: 100+ File Types, Zero Friction, One Sentence

Say “publish this as a website” and your AI agent handles the rest: it builds the file, uploads it, and hands you a ...
techENT

Mozilla Takes Aim at Copilot with Thunderbolt, a Self-Hosted Enterprise AI Client

Mozilla, the company behind Firefox and Thunderbird, introduces its own take AI model with places privacy front and center ...
Security Boulevard

DAST Tools: Complete Buyer’s Guide & 10 Solutions to know in 2026

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...
Graham Cluley

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to ...