The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
Techzine Europe

Bun takes a surprising step from Zig to Rust

The developers of the JavaScript runtime Bun have decided to largely rewrite the platform in Rust. In doing so, the project ...

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login ...
Cyber Daily

British Airways allegedly breached as hackers claim to have stolen pilot data

Threat actors have made claims that they breached British Airways, allegedly having stolen medical data as well as crew and ...
Cryptopolitan on MSN

TCLBANKER trojan spreads through victims' own messaging accounts

Security researchers found TCLBANKER, a Brazilian banking trojan that hijacks WhatsApp and Outlook accounts to spread crypto ...
Decrypt

Fake OpenAI Repo Hit #1 on Hugging Face—And Stole Passwords While It Trended

A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Canvas cyberattack: Company reaches deal with hackers to delete students’ stolen data

ShinyHunters claimed responsibility for last week’s breach, threatening to leak data involving nearly 9,000 schools worldwide ...
Cyber Daily

Exclusive: Australian Computer Society investigating possible breach after ShinyHunters ...

The ACS is one of dozens of Australian entities potentially impacted by the recent Instructure third-party data breach.
WLAX

It’s Time: Packers face challenging 2026 schedule

A season-opening border battle in Minnesota. Six games in evening prime time. A Wednesday game in LA on Thanksgiving Eve. A Christmas Day clash with the Bears in Chicago. Four out of five at home to ...