The Hacker News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Bleeping Computer

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. Secret scanners are specialized utilities that ...
Indiatimes

Indian Exports Under US Scanner As Trump Orders Probe Into Trade Practices, Tariff Threat Returns

The conflict between Iran and the United States is inflicting heavy damage on American military infrastructure across West Asia. An analysis by The New York Times says Iranian missile and drone ...
Bleeping Computer

New 'Zombie ZIP' technique lets malware slip past security tools

Update: Article updated with comments from security researchers who believe this should not be considered a vulnerability. Update 2: CERT has retracted its bulletin and MITRE has rejected the CVE on ...
SecurityWeek

OpenAI Rolls Out Codex Security Vulnerability Scanner

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month. OpenAI is rolling out a new AI-powered software vulnerability scanner that the ...