The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know

Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online.
DataBreachToday

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
CSO Online

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.

Huge numbers of web stores are facing attack from this dangerous new malware

PolyShell vulnerability in Magento/Adobe Commerce mass exploited, hitting over half of vulnerable stores Attackers deploy ...
CyberGuy

DarkSword leak puts millions of iPhone users at risk

Leaked DarkSword code makes iPhones on older iOS easy targets. See who is at risk and how to protect your device right now.

Microsoft updates VS Code with new themes and adjustable AI reasoning in version 1.113

VS Code 1.113 adds new themes, AI reasoning controls, and nested subagents, improving workflows and customization for ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

McCain Foods heir sues French fry maker after failing to sell her $1-billion-plus stake

An heir to the McCain French fry fortune is asking the courts to ensure she gets fair value for a $1-billion-plus stake in ...

Ottawa hasn’t learned its lesson on immigration

New restrictions have caused a big drop in study permits, but the Auditor General’s report shows a system where enforcement ...

I built a web page with OpenAI’s Codex in 5 minutes. Here’s how

I’ve been chatting with ChatGPT, Claude, and Gemini for years, but nothing prepared me for the first time I started vibe coding with them. My first taste of vibe coding with AI came courtesy of Google ...