The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
eWeek

Samsung Hits Send on Goodbye to Messages

Samsung is sunsetting its own chat app while Apple adds end-to-end encryption to its already-live RCS, hinting that the final texting firewall might soon drop. Meanwhile, Cloudflare drafts a ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

H33 Launches HICS for Free: The First Trust-less Software Scoring Tool with Post Quantum ...

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...