The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...

Aravind Sithamparapillai’s path to becoming an advisor started in a birthing room

The financial planner at Ironwood Wealth Management Group specializes in advising midwives and women in health care.

5个真实场景实测:云知声U2,可能是最能“干活”的大模型

AI行业似乎正在陷入一场无序的“Token消耗赛”。 全球范围内的Token消耗正在迅速增长,Uber的5000名工程师仅仅4个月就烧完了全年的AI预算,迫使Uber出台分级限流措施管控成本;微软核心的Experiences and ...

Your World Cup guide

Before the historic soccer spectacle kicks off on Thursday, here’s everything you need to know on and off the pitch ...

Anthropic releases Mythos-class model for public use

The classifiers will trigger in less than five percent of usage sessions, Anthropic claimed, while conceding it has tuned the ...

Datadog expands observability platform to autonomous AI team colleague

At the DASH conference, Datadog presents new features for autonomous IT operations and AI security with Bits AI SRE, AI Guard ...