The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

What the OpenClaw vulnerability reveals about the future of agentic AI security

OpenClaw exposes how autonomous AI agents are reshaping enterprise security risks..
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Appuals

Fix: Bluetooth Disappeared from Device Manager

Bluetooth can disappear from Device Manager on Windows even when the problem started as a missing toggle in Settings. In some ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Statistics Canada

2021 Census: Enumerators now following up with dwellings

A census enumerator. Census enumerators safely collect the data that is vital to improving the lives of Canadians. June 10, 2021 – Ottawa, ON – Statistics Canada Statistics Canada thanks all Canadians ...