The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...
Krebs on Security

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions ...
Game Rant

Fight for Hackers Codes (June 2026)

For over 5 years, Arthur has been professionally covering video games, writing guides and walkthroughs. His passion for video games began at age 10 in 2010 when he first played Gothic, an immersive ...
TechSpot

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

What we know so far: Hackers have reportedly used a malicious Visual Studio Code extension to gain access to a GitHub developer's machine, then leveraged the stolen credentials to move into GitHub's ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
The Next Web

GitHub confirms hackers stole thousands of internal code repositories after employee installed a poisoned VS Code extension

GitHub confirmed that the cybercrime group TeamPCP exfiltrated roughly 3,800 internal code repositories after compromising an employee device through a poisoned VS Code extension. The Microsoft-owned ...
Bloomberg L.P.

Security Firm Thwarting Nation-State Hackers Valued at $1 Billion

Socket, a cybersecurity startup that sells technology to help safeguard open-source code against hackers, has raised a new round of funding that values the company at $1 billion. Josh Kushner’s Thrive ...
Infosecurity-magazine.com

Grafana Labs Confirms Hackers Stole Source Code

A popular open source developer has revealed that hackers stole its codebase and tried to blackmail the firm into paying a ransom. Grafana Labs produces AI-powered analytics and visualization app ...
The Next Web

Grafana Labs refuses ransom after hackers steal already-open-source code

The hackers exfiltrated a codebase that was already open source, then demanded payment to keep it from being released. Grafana said no, and cited the FBI’s standing advice. It is the second ...
TechCrunch

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom

Grafana Labs, the maker of its eponymous popular open source web visualization software, confirmed it had been hacked but that it refused to pay the hackers who had threatened to release the company’s ...