The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Claude Code vs OpenAI Codex: Which AI Coding Assistant is best for Windows Developers?

Which AI Coding Assistant is best for Windows Developers? Claude Code or OpenAI Codex? If you are a programmer, go through ...

We tried 3 of the biggest vibe-coding platforms. Here's what we thought about how they stack up.

A trio of journalists tried three big vibe coding apps to see how they stack up. We each attempted to build an app on Cursor, ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
BeInCrypto

Ocean Network Wants to Turn Idle GPUs Into a Global Pay-Per-Use Compute Market

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...
The Hacker News

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know

Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.

Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.