Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Israel and Lebanon agree to implement ceasefire if Hezbollah stops attacks

The countries reject "any attempt, by any state or non-state actor, to hold Lebanon's future hostage", the US says.

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Suspicious Polyfill login prompts pop up on Toshiba, Muji websites

Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could ...
The Caledonian-Record

Ukraine targets St. Petersburg again after Putin rejects Zelenskyy's offer for direct talks

Ukrainian drones has targeted St. Petersburg in what Russian officials called a “large-scale” attack, prompting Governor Alexander Beglov to advise residents to remain indoors. Authorities say 141 dro ...
Telegraph Herald

U.S. military says it shot down Iranian drones launched toward Strait of Hormuz

The U.S. military said it shot down four Iranian drones that were launched toward the Strait of Hormuz on Friday and then ...
The Caledonian-Record

NH Moose Are Under Tick Attack; Could Forestry Changes Help Save Them?

In fall, hoards of winter ticks latch on to New Hampshire’s moose — sometimes upward of 50,000 per adult animal.

New SF LGBT Center executive director takes helm amid federal attacks

The Center serves as a third space for the community and often the first stop for people arriving in San Francisco. Valles ...