The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Finding hijacked subdomains is straightforward. People need only enter site: [university].edu “xxx” or site: [university].edu ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...

Microsoft explains how to download and install the new "10 times faster" TypeScript

Microsoft has explained how to download and install the latest version of TypeScript that promises 10 times better ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel

How A Roblox Cheat Triggered A $2 Million Breach At Vercel. Why The Vercel Incident Changes The Economics Of Enterprise AI ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Nothing Warp is back, but you’ll need to jump through hoops to actually use it

Nothing has revived Warp after a short takedown, but since the app is no longer on the Play Store, users now have to install ...