The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft

A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and business files from Macs.
The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root ...
Tech Xplore

AI worm adapts across networks, turning any online device into potential target

A team of researchers at the University of Toronto has discovered a new class of cyberthreat that gives hackers more power ...
Security Info WatchOpinion

Your App Is the Attack

Why AI is turning trusted mobile applications into one of the most overlooked threats facing enterprise security teams.
Arabian Post on MSN

Trusted tools become malware delivery routes

Attackers are increasingly abusing legitimate system utilities and widely used administrative tools to deliver malware, move through networks and avoid detection, forcing security teams to rethink ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

7 Days: "Enough is enough," Computex 2026, and the next trillion-dollar company7 Days: "Enough is enough," Computex 2026, and the next trillion-dollar company0 0

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about the Surface Laptop Ultra, fresh launches from ...
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

From Reels to risks: How scammers are turning videos into malware traps

Cybercriminals are moving beyond email scams and into social media feeds, using tutorial-style videos on TikTok and Instagram to spread malware and steal credentials ...
eWeek

Siri Goes Genius as iOS 27 Hits Warp Speed

Siri is (almost) finally ready (we hope) to graduate from setting kitchen timers. Apple's WWDC26 splash wasn't just routine ...