The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

Big Bend steel fabricator's longtime shop site sells for $1.3M

The 3-acre property at Big Bend Industrial Park has housed the company since at least 2001. Thursday, July 16, 2026 Women of ...

Security News This Week: Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite ...

New Kinaxis CEO bets Ottawa supply chain software company will be a SaaS-pocalypse winner

There are reasons to share Mr. Gaurav’s optimism. Maestro is mission-critical software for giants including Ford, Lockheed ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...
Opinion
Foreign AffairsOpinion

The Day After in Cuba

A few weeks later, the president told a business forum that after Iran, Cuba “is next.” Already, the United States has imposed a near-total oil blockade of the country, plunging much of it into ...
LGBTQ NationOpinion

The attacks on James Talarico’s masculinity hurt everyone, including the people who lob them

Societal heterosexism and cissexism prevent some LGBTQ people from developing authentic self-identities and add to the ...

Getting started

This guide will cover the basics of installing the Glow JavaScript library, and a few simple examples of using Glow to get you started. We are assuming you have at least a working knowledge of ...
Mining WeeklyOpinion

South Africa can become strong value-add minerals player again, PyroFuZA points out

Look out for PyroFuZA. Those eight letters have the potential to make best use of South Africa’s natural resources and ...

UX Design as a Waste Machine: The Hidden Costs of Digital Smoothness

Good UX hides its waste. But it doesn't disappear – it ends up in data centers, supply chains, and telemetry databases.
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...