Zig quits GitHub, says Microsoft's AI obsession has ruined the service

The Foundation that promotes the Zig programming language has quit GitHub due to what its leadership perceives as the code ...
The Hacker News

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

ClickFix has become hugely successful as it relies on a simple yet effective method, which is to entice a user into infecting ...
SecurityWeek

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

A Chinese threat actor tracked as APT24 has been observed employing multiple techniques to deploy BadAudio malware ...
Crowdfund Insider

Regtech SlowMist Analyzes Malicious Code Stealing Sensitive Keys, Private Information

Regtech firm SlowMist noted that recently, the NPM ecosystem experienced another large-scale package poisoning incident.

PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle

PostHog says the Shai-Hulud 2.0 npm worm compromise was "the largest and most impactful security incident" it's ever experienced after attackers slipped malicious releases into its JavaScript SDKs and ...
The Caledonian-Record

Elser Reveals Waitlist for Revolutionary One-stop AI Anime and Movie Studio, Democratizing Professional Anime Video Creation

ELSER GLOBAL PTE. LTD. today announced the opening of the global waitlist for Elser AI, the world’s first one-stop AI anime ...

Unsure how to talk to aging parents about managing their finances? Here’s how to broach the topic

Some older adults may need help navigating a more complex financial landscape and a rise in sophisticated scams ...

Canada’s ‘dramatic’ budget vote goes exactly according to script

Opposition parties without any reason to bring down the Carney government, regardless of their opinions of the federal budget ...
InfoWorld

Contagious Interview attackers go ‘full stack’ to fool you

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...
The Hacker News

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

APT24 and Autumn Dragon launch multi-year espionage campaigns using BADAUDIO, supply chain attacks, and new CVE-2025-8088 ...

An incredibly popular JavaScript library might have some worrying malware issues

A widely-adopted JavaScript library has been found carrying a critical vulnerability which could allow threat actors to execute malicious code, remotely.