The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
San Mateo Daily Journal

It Passed Every Test Except Reality — 5 Software Testing Tools U.S. Teams Use

Silent bugs don’t crash your app. They can turn your users away silently. Discover the 5 software testing tools U.S. teams use to find and fix issues before they reach production.

Hackers use fake CAPTCHA schemes to put info-stealing viruses on your devices; here’s how to stay safe

If you've ever had to log into an online account, you're likely familiar with a CAPTCHA ID verification box.

The 50 best movies on HBO Max for dedicated cinephiles

Almost 100 years of cinema are represented on this list: starting with City Lights (1931) and extending all the way to 2026 ...
TechLila

macOS Malware Statistics 2026: Hidden Threats

OS Malware Statistics reveal rising threats, key trends, and risks. Discover critical insights to protect your devices today.