The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Greek Reporter

When Julius Caesar Was Kidnapped by Pirates Off a Greek Island

Long before ruling Rome, Julius Caesar faced Cilician pirates, raised his own ransom, and turned kidnapping into a ruthless ...
Devdiscourse

Atomesus Unveils Cipher 8B: A Game-Changer in AI Language Models

Atomesus has launched Cipher 8B, a new AI model designed for scalability and production-led efficiency. With a focus on ...
Covers.com

Caesars Brings 'Cash Eruption' Slots to Atlantic City Casinos

The "Cash Eruption" game family has produced notable jackpot results, including Caesars' record $1.24-million online payout.
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...