The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s ...

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a ...
Hackaday

Hackaday Podcast Ep 359: Flying Squids, Edible Passwords, And A CAD Automaton

Hackaday editors Elliot Williams and Al Williams met up to trade their favorite posts of the week. Tune in and see if your favorites made the list. From crazy intricate automata to surprising ...

AirSnitch Attack Shows Hackers Can Easily Intercept Encrypted Wi‑Fi Traffic

AirSnitch functionally bypasses Wi-Fi security in a manner somewhat addressable by patches, but only completely fixable by new hardware.

APT37 hackers use new malware to breach air-gapped networks

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.
PC Gamer

Here's how long it would take 12 RTX 5090 GPUs to crack your password… and a reminder that just adding more characters still works

Hardware Today I learned Motorola was once developing a password pill that turns your body into an authentication token: 'We have demoed this working and authenticating a phone' Memory Many consumer ...