News

The Hacker News

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

Your weekly strategic brief on the cyber threat landscape. Uncover the deeper patterns behind attacks, from bootkit malware ...

OpenAI has new agentic coding partner for you now: GPT-5-Codex

From cloud hand-offs to GitHub reviews, GPT-5-Codex is optimized for agentic coding and designed to supercharge developer workflows.

How to use GitHub Spec Kit : Easily Build Scalable, Maintainable Software

Discover GitHub Spec Kit, the open-source toolkit for spec-driven development, bringing clarity and collaboration to software projects.
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Security Boulevard

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
CSO Online

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...