Fireship on MSN

The silent threat: Axios library exposes developers

A recently discovered Remote Access Trojan in the widely used Axios library puts millions of JavaScript developers at risk.
The Currency Analytics

Polymarket’s $3 Million Frontend Hack Hits 11 Wallets Holding PUSD

Polymarket got hit. A suspected phishing attack on one of the platform's third-party vendors let hackers inject malicious ...
LGBTQ Nation

Graham Platner pledges to “Protect Trans Kids” while slamming “cowards” & “bigots ...

When you stand up for one group’s rights, you’re actually standing up for everybody’s rights," the Democratic nominee for ...
Cyber DailyOpinion

Exclusive: Pauline Hanson’s One Nation party quietly deletes Labor hacking claims

The right-wing party said “Labor goons” were responsible for a cyber attack on its donation website, but it has failed to ...
blockonomi

Polymarket Hack: $3M Drained in Supply-Chain Frontend Attack

Polymarket hack stemmed from a compromised third-party vendor that injected malicious JavaScript into the platform’s frontend. Over 11 wallets lost PUSD on Polygon; stolen funds were bridged to ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Bleeping Computer

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...

Canadian hacker pleads guilty to charges for cyberattack on Texas Republican website

Mr. Cottle, who appeared in court in Newmarket, Ont., on Thursday, pleaded guilty to fraudulently obtaining a computer ...

Hackers demand payment for stolen data tied to heart monitoring company iRhythm

Preview this article 1 min Hackers used "social engineering," a multiple-step technique hackers sometimes use to trick people ...

Cybersecurity attackers don’t hack in anymore… they get invited in

"In cybersecurity in 2026, the attackers have stopped breaking down doors. They are being invited in. And the front door they’re walking through is trust itself." — Aida Keehner, founder and CEO, Atru ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...