The Hacker News

âš¡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

How a USB-connected speaker can infect a PC without ever being touched

CTP allows devices connected via Bluetooth or USB to send commands to the speaker, such as changing LED colors and equalizer ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

Webcam-hacking Minecraft malware is disguising itself as mods, and it's infected thousands of PCs

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.