The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
InfoWorld

Google Protocol Buffers flaw turns schemas into shells

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

Days after exposing CBSE portal flaws, 19-year-old Nisarg Adhikary lands role at IIT Kanpur

Nineteen-year-old ethical hacker Nisarga Adhikary, who recently highlighted security vulnerabilities in CBSE's digital ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

‘Father of Nunavut’ returns to Iqaluit after supporters raise money for elder’s at-home care

Mr. Amagoalik’s supporters hope his return will pave the way for more Nunavut elders to return from Embassy West Senior ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Khaleej Times

IIT Kanpur hires Indian teen who exposed CBSE on-screen marking flaws

Nisarga Adhikary will work as Open Source Intelligence and Threat Intelligence Engineer. 'We will provide him with the ...

Understanding the Basics of JSON Validation and Cleaning

This guide explores the fundamental concepts of JSON validation and cleaning, providing insights into structuring data and ...

Nisarga Adhikary, a 19-year-old ethical hacker who exposed CBSE portal security flaws, gets a job at IIT Kanpur

Nineteen-year-old ethical hacker Nisarga Adhikary, who recently highlighted security flaws in CBSE's digital infrastructure, has been appointed as an OSINT and Threat Intelligence Engineer at IIT ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...