Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
PCMag

Fake Apps, Fraudulent Emails, and Very Real Hackers: Another Week in the Infosec Trenches

This week saw attacks on Claude Code users, LastPass users, Starlink users, and, perhaps worst of all, people who needed an ambulance. Add a dash of AI hacking, and you have another wild week in ...

Law enforcement shuts down botnet made of tens of thousands of hacked routers

An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute ...

How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks

Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran's use of “hacktivism” as cover ...
WinBuzzer

New Databricks KARL RAG Agent Promises 33% Cost Reduction vs. Claude Opus 4.6

Databricks has released KARL, an RL-trained RAG agent that it says handles all six enterprise search categories at 33% lower ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
GitHub

GitHub - anthropics/claude-code-action

A general-purpose Claude Code action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow ...