The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Bleeping Computer

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. Miasma appears to be an evolution ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

Working group formed to develop standard for AI-native docs

Its launch raises the question of what impact a new format will have on human workers, as well as on governance and ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...
Opinion
Foreign AffairsOpinion

How to Counter Beijing’s Unauthorized “Distillation”

A new front has opened in the U.S.-China competition in artificial intelligence: open-weight, local AI models. Until recently, the most capable AI models were too big and too costly to run anywhere ...
Techlomedia

73 Microsoft GitHub Repos Compromised in Miasma Malware Attack

Microsoft has confirmed that it temporarily removed several GitHub repositories after a large-scale malware campaign ...

HotDeals Code Verification Feature Expands Across 23 Markets to Strengthen Coupon Transparency

HotDeals Consumer Savings Index data shows growing consumer preference for verified promo codes over unvalidated discount ...
PCQuest

Chrome V8 zero day puts browser patching back in focus

Chrome’s CVE-2026-11645 V8 zero-day is under active attack. Update now to cut browser risk across Windows, macOS, Linux, and ...

Cohere open-sources a coding agent that runs on a single H100

Cohere's North Mini Code ranks 8th of 127 open-weight models on output speed — but generates 3x the output tokens of ...

‘Knight of the Seven Kingdoms’ Making a Scene: Behind That ‘F—ing Awesome’ Episode 4 Speech

A Knight of the Seven Kingdoms ,” Episode 4, “Seven.” Ser Duncan the Tall, played by Peter Claffey, sits atop a horse as the ...