The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

A new Tampa startup accelerator program to launch this fall

A new statewide startup accelerator program backed by Florida's most influential business leaders is taking shape with Tampa ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Dayton International Airport secures $18M for freight flow improvement project

More than $17 million in state funding will target freight flow and congestion around Dayton International Airport to improve ...
Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...
TalkAndroid

Amazon Is Cracking Down On Pirates With Vega OS

Amazon has launched a new Fire TV Stick HD. It's moving to a new operating system called Vega OS instead of the long running ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...
InfoWorld

Is your Node.js project really secure?

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...
The Caledonian-Record

Town Takes Next Steps To Refill Recreational Pond

After Sugar Hill’s Coffin Pond was drained in March following the state’s removal of a failing decades-old dam, new strides ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...