The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Google Issues Zero-Day Attack Alert For 3.5 Billion Chrome Users

Google has issued an update alert for 3.5 billion Chrome browser users following confirmation of a new zero-day attack ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

Germany's green reputation hits a crossroads

Germany's new climate spend is big on wind power and e‑mobility. Some call it real momentum, others say it’s basically a ...

Microsoft Weekly: new Game Pass tier, PowerToys updates, and more

This week's Microsoft news recap is here with rumors about a new Game Pass tier, recalled feature updates for Windows 11, gaming news, and more.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Macworld

Apple urges iPhone users to update as new DarkSword hacking tool lands online

Generally, iOS can be updated in the Settings app by tapping General > Software Update. However, Apple has a separate method ...
The Hacker News

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

Valentić told The Hacker News that the use of fake progress indicators mimicking legitimate installation progress and the ...
Washington Life Magazine

Mobile Gaming at Rocketplay Casino Install PWA on Android and iOS

Playing on the go has become an essential part of the modern gambling experience, and Rocketplay Casino offers a seamless solution for mobile users through Progressive Web App (PWA) technology. This ...