The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
InfoWorld

Google Protocol Buffers flaw turns schemas into shells

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Macworld

Marvel at over 250 fixes and improvements coming in the Apple updates this fall

Macworld reports that Apple’s fall updates will deliver 263 fixes and improvements across iOS, iPadOS, macOS, watchOS, and ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
TidBITS

All 264 Items on Apple’s WWDC26 “Sweating the Details” Slide

At WWDC26, Apple flashed a slide listing hundreds of small refinements coming to OS 27. We captured, OCRed, and categorized every item so you can actually read everything that Apple included.

How to Share a Link to a Particular Phrase

Modern browsers let you share a link that jumps straight to whatever text you wish to highlight. Here’s how the feature works ...
NPR

In Black America

June 7, 2026 • This week on In Black America, producer and host John L. Hanson, Jr. presents a conversation with Marion E. Orr, political scientist, professor of Public Policy and Political Science ...