The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
Cryptopolitan on MSN

JINX-0164 hijacks crypto developer machines through phony meeting links

A group of hackers, named JINX-0164, has been contacting crypto devs via LinkedIn and inviting them to fake meetings that ...

Apple Intelligence Can Change Your Passwords for You When You Get Hacked

As important as being secure with your sensitive information online is, few among us have perfect password hygiene, and Apple ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.
The Hacker News

âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

Dashlane explains how attackers managed to download encrypted password vaults

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to ...

Dashlane Says Hackers Stole Password Vaults Via A 'Brute Force Attack'

Hackers used brute forced about 20 password vaults from Dashlane.

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Indiatimes

FBI warns of hacking campaign stealing Microsoft 365 accounts without passwords

The Federal Bureau of Investigation (FBI) recently issued a public warning about a dangerous new hacking platform that allows cybercriminals to hijack Microsoft 365 accounts, including Outlook email, ...