The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static ...

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Hosted on MSN

Garden hack using vegetable leaves: don't toss them until you try this

Discover a clever garden hack using vegetable leaves that most people throw away. Instead of discarding them, learn how to repurpose nutrient-rich leaves to enrich your soil, create natural compost, ...
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Yahoo

Gardener shares genius hack using old toilet paper rolls: 'I did this last year'

Most households use a significant amount of toilet paper and waste the leftover rolls — but a TikTok user found an ingenious way to repurpose them to start a garden. The TikTok account Grove&Green ...