The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
CNX Software

ESPHome 2026.5.0 released with new ESPHome Device Builder (beta), performance/memory optimizations

ESPHome 2026.5.0 has just been released with the beta version of the new ESPHome Device Builder web app that replaces the legacy in-tree dashboard with a real configuration editor, a firmware job ...
Decrypt

3 Wacky Hermes Skills You Should Try

You installed Hermes. You made it look better than ChatGPT. Now you're wondering what to actually do with it. Here are some ...

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...

I manage my entire home lab using Telegram and Discord and it's the coolest thing ever

Telegram notifications and one-tap updates made my home lab easier to manage.
CNN

Russia is restricting access to Telegram, one of its most popular social media apps. Here’s what we know

Russian authorities have begun restricting access to Telegram, one of the country’s most popular social media apps, as the government continues to push everyday Russians toward its own tightly ...
9to5Mac

Telegram finally adds passkeys support

With the latest update, Telegram users can now create a passkey to instantly log in to their accounts without needing an SMS code or password. Here’s how to activate it. Since Apple and Google ...
Beebom

How to Access and Use Google Gemini API Key (with Examples)

You can access the Gemini API key for free and without having to set up cloud billing. Google has made the process straightforward. Currently, Google is offering Gemini Pro models for both text and ...
CSOonline

Supply chain attack hits RubyGems to steal Telegram API data

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...
Bleeping Computer

Malicious RubyGems pose as Fastlane to steal Telegram API data

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the official package ...
Bloomberg L.P.

Modernizing how traders enhance their workflows with Python API

Traders who code have an edge – Python skills are helping traders automate tasks and improve accuracy. Automation is solving workflow pain points – Leading firms are cutting manual steps and boosting ...