The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...
CSO Online

Software developers: Prime cyber targets and a rising risk vector for CISOs

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.
Decrypt

OpenClaw Creator Gets Big Offers to Acquire AI Sensation—Will It Stay Open Source?

Peter Steinberger's open-source AI agent OpenClaw hit 180,000 GitHub stars and spawned MoltBook chaos. Now Meta and OpenAI ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Opinion

Prediction markets are the new open-source spycraft

Prediction markets turn US secrets into onchain signals. Crypto bets on tariffs and raids become foreign intelligence’s open-source spycraft goldmine.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
InfoWorld

JDK 26: The new features in Java 26

Java Development Kit (JDK) 26, a planned update to standard Java due March 17, 2026, has reached the initial release candidate (RC) stage. The RC is open for critical bug fixes, with the feature set ...