The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

US saw risk of Anthropic models being diverted to foreign military intelligence

By Karen Freifeld WASHINGTON, June 15 (Reuters) - U.S. Commerce Secretary Howard Lutnick said he took action against Anthropic's latest Mythos and Fable AI models because officials feared they could ...

WordPress Plugins: Supply Chain Attack Puts 1.2 Million Sites at Risk

In a supply chain attack, attackers install backdoors through the WordPress plugins OptinMonster, TrustPulse, and PushEngage.
Opinion

The U.S.-Iran peace deal is crisis management, not resolution. Oil’s fall could be temporary

Renewed fighting in Lebanon, an Israeli attack on Iran or failure on Iran’s uranium enrichment terms could scupper Trump’s peace agreement ...
TMCnet

Cloudflare Acquires VoidZero to Build the Future of the AI-Native Web

VoidZero's toolchain, anchored by Vite, has emerged as the shared substrate for the web ecosystem, capturing over 130 million weekly downloads. The Cloudflare Vite plugin has reached 13.9 million ...
Columbia University School of Professional Studies

The Con That Comes Prepared

How AI-enabled deception, open-source software dependencies, and social engineering are reshaping enterprise cybersecurity ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...
Queerty

These gardening gays are showing off their green thumbs & more

Wanna see scantily-clad men getting dirty… because they’re elbows deep in potting soil? Then check out the social media gays’ photos below as we hit another National Weed Your Garden Day! Yes, every ...