The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Cerebras IPO surge could validate Eclipse Ventures' deep-tech bet

Eclipse Ventures has positioned itself around capital-intensive deep-tech startups. The Cerebras offering could validate that ...
AARP

Vivica A. Fox Has Been Setting It Off for 30 Years — She’s Just Getting Started

It’s been three decades since Vivica A. Fox, 61, had her breakthrough roles in the sci-fi blockbuster Independence Day and ...

How AI is transforming higher education and the future workforce

As AI adoption grows, so does the need for responsible use. Technology alone does not drive outcomes. People must interpret ...
InfoWorld

Hands-on with React, Supabase, and PowerSync

If you are building a simple dashboard or a form-based application, the traditional JSON API (REST or GraphQL) approach is ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Dark Reading

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...
InfoWorld

Four cutting-edge tools for spec-driven development

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...