The Hacker News

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...

Frontier Airlines is leaking your passport and credit card details from a boarding pass

If you've ever flown Frontier Airlines and your boarding pass ended up in a photo, a trash can, or a social media post, your ...
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...
Visual Studio Magazine

VS Code 1.122 Lets BYOK Work Without GitHub Sign-In

VS Code 1.122 removes the GitHub sign-in blocker for BYOK, making enterprise and offline AI workflows practical. BYOK now supports chat, tools and MCP servers while signed out. The release also ...
Forbes

AI Coding Power Users Are Churning Out 46X More Code Than The Rest

Cursor says the biggest productivity gains in AI coding are being made by developers who can orchestrate autonomous agents, not just prompt chatbots. But there’s a downside to the genuine leap: ...
Science Daily

World's smallest QR code, smaller than bacteria, could store data for centuries

Scientists have created a microscopic QR code so tiny it can only be seen with an electron microscope—smaller than most bacteria and now officially a world record. But this isn’t just about size; it’s ...