The Hacker News

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering ...
SecurityWeek

Infostealers Turn Millions of Devices Into Credential Theft Machines

Modern infostealers don't just steal passwords—they harvest the digital identities and context that enable attackers to blend ...

In A.I. Blunder, More Than 34,000 Instagram Accounts Were Attacked

The flaw, which Meta said it had fixed, allowed anyone to take over accounts using a bug in the company’s new artificial ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

Apple Intelligence Can Change Your Passwords for You When You Get Hacked

As important as being secure with your sensitive information online is, few among us have perfect password hygiene, and Apple ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Inc

Why You Need to Stop Using Passwords and Switch to This Secure Alternative Now

If you’ve been hearing a lot more about passkeys recently, there’s good reason for it. After becoming more widely available in 2022, passkeys have surged in popularity, driven by ease of use and ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
Lifehacker

I Refused to Use Passkeys Until Apple Added This Feature to Its Passwords App

Pranay Parab is an independent tech journalist based in Mumbai, India. He covers tech for Lifehacker, and specializes in tutorials and in-depth features. I'm strongly in favor of using password ...