The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
CoinDesk

Humanity's $36 million exploit tied to compromised laptop hosting a 'multisig' wallet

Humanity Protocol explained how attackers were able to steal more than $36 million of its H token, and the cause was a serious lapse in how it secured its keys. In an incident update shared with ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the ...
The Brief India on MSN

CJP protester claims EVMs run on Python, experts call it technically incorrect

A claim made during the June 6 CJP protest at Delhi's Jantar Mantar has gone viral after a speaker identifying himself as an IT expert alleged that India's Electronic Voting Machines (EVMs) run on ...
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
IEEE

Charge-Conserving Current Correction in Particle-in-Cell Codes Using Physics-Informed Neural Networks

Abstract: In particle-in-cell (PIC) simulations, the electromagnetic model requires solving Maxwell’s curl equations while preserving charge conservation since violations of the charge continuity ...