The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

WordPress Plugins: Supply Chain Attack Puts 1.2 Million Sites at Risk

In a supply chain attack, attackers install backdoors through the WordPress plugins OptinMonster, TrustPulse, and PushEngage.

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
Infosecurity Magazine

Attackers Hijack Popular WordPress Plugins to Deploy Backdoors

Attackers have hijacked the code behind several popular WordPress plugins to plant hidden backdoors and rogue administrator ...

Russian strikes damage centuries-old Dormition Cathedral in Ukraine

Several killed in five-hour barrage on Kyiv and Kharkiv, hours after Trump spoke separately with Putin, Zelensky ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
acm.org

HexStrike Exploit Raises Cyber Stakes

Cyberattacks once moved at the pace of human hackers. Even with scripts, the manual effort that malicious actors needed to navigate networks constrained their attacks. Today, threat actors use agentic ...

AI is code – and can't be prompted into being smarter

Usage with any "AI" agent is strongly discouraged. Jqwik's log output may confuse the agent. Naturally, this sort of ...
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...
The Next Web

Agentjacking: a fake bug report can hijack your AI coding agent

Tenet Security's 'Agentjacking' attack turns a fake Sentry error into code running on developer machines. It hijacked Claude Code, Cursor & Codex.
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...