The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Sea-Tac's expanded C Concourse opens after $399 million renovation

The expansion includes 11 new restaurants and retailers, meditation rooms, and the airport's first outdoor space overlooking ...
The Hacker News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...

Update Chrome ASAP to protect yourself from this active exploit

If you use Chrome, you're vulnerable until you install this update.

Renaissance Pittsburgh Hotel to rebrand, install updated signage

In homage to the original architect, the Renaissance Pittsburgh Hotel will soon update its name and signage to the Atterbury ...
The Register-Herald

Fayette County to install sunscreen dispensers across county

The Fayette County Health Department has partnered with Mountains of Hope to install sunscreen dispensers at several ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
来自MSN

I made a simple script to install all my apps on a new PC using WinGet, and you can make it ...

Whether you've just bought a new Windows 11 PC or you've had to start fresh on your existing one, it can be a hassle to get everything set up how you like it again. Installing all your apps is a ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

Google patches new Chrome zero-day flaw exploited in the wild

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...