The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
CNX Software

Ubuntu 26.04 LTS “Resolute Raccoon” released with Linux 7.0

Canonical has just announced the release of Ubuntu 26.04 LTS “Resolute Raccoon” Linux distribution about two years after ...

Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

OpenAI updates Agents SDK to improve agent safety and capability for enterprises

OpenAI’s updated Agents SDK adds sandboxing, configurable memory, and file/tool workflows for safer, stronger enterprise ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Anthropic Claude source code leak explained: Techie reveals how a 4 am update exposed 512,000 lines of code

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid community response. Within hours, a developer rewrote the tool in Python and then ...
Infosecurity Magazine

Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...

11 Cool E-Ink Gadgets That Aren't An Amazon Kindle

The tech may have been around longer than you think, with Amazon's Kindle as its most famous application, but other cool ...
YourStory

OpenAI Agents SDK update brings production-ready AI tools

OpenAI Agents SDK update adds sandbox execution and a new harness to help developers build reliable, production-ready AI ...

KDE Linux is the purest form of Plasma I've tested - but the install isn't for the meek

KDE Linux is the purest form of Plasma I've used in months - but there's a catch ...