The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

If army recruits were seniors, wars might be won or lost (or maybe even forgotten)

What if the only military recruits available were senior citizens? How would a war progress and how would it end? If your ...
Security Boulevard

Networks of Browser Extensions Are Spyware in Disguise

Modern browser extensions and ad blockers are legally collecting and reselling user data, including streaming habits and B2B sales intelligence, under the guise of "analytics." This unregulated "legal ...
Hosted on MSN

Google patches 30 Chrome flaws as Apple updates AirPods Pro 3

Google has rolled out Chrome version 147.0.7727.137/138 for desktop and Android, fixing 30 security vulnerabilities, including four critical ones. On the same day, Apple released firmware 8B40 for ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

PCI DSS Compliance

Data Security Standard (DSS), issued by the PCI Security Standards Council (SSC), which establishes technical and operational ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
Cryptopolitan on MSN

Crypto devs face new threat from Claude-based malware

A threat group planted a malicious npm package in a crypto trading project through an AI-generated commit by Anthropic's ...