The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

State won't use infamous 'sick' building at 450 N St. for return-to-office workers

The building "is currently vacant and not in a habitable condition," according to a state Department of General Services ...
Geeky Gadgets

How to Avoid Hidden Costs When Using Claude Code Dynamic Workflows

Dynamic workflows in Claude Opus 4.8.8 offer a structured way to handle complex tasks by dividing them into smaller, independent components. These workflows enable parallel task execution, where ...

How to extract clean and structured data

More often than not, pulling data from the internet can be a major pain in the behind. It lulls you into a false sense of accomplishment, since downloading a web page is the easy part. But when you ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
ZME Science

Another Way Browsers Can Spy on You: Listening to Your Hard Drive

Researchers have shown that a web page can watch for tiny slowdowns in a computer’s storage drive and use those delays to guess which websites someone visits or which apps they open. The technique is ...
The Caledonian-Record

Bondi defends Epstein files release, denies Trump involvement

Former Attorney General Pam Bondi defended the U.S. Department of Justice’s release of files associated with convicted sex offender Jeffrey Epstein and did not answer questions ...
The Caledonian-Record

Bondi refuses to answer lawmakers' questions about Trump's involvement in Epstein files release

Former Attorney General Pam Bondi has finished her interview with House lawmakers about the release of the Jeffrey Epstein case files. Bondi stood behind the Trump administration’s release of the ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
The Register-Herald

Outside group warns of ‘silencing’ judges, backs WV judge facing discipline for foster care comments

An out-of-state conservative legal group urged for charges to be removed against a West Virginia circuit judge who spoke out about the state’s troubled foster care system and ...
Dark Reading

With Complex Cloud Integrations, Small Errors Lead to Major Compromises

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...