The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
SecurityWeek

Supply Chain Attack Hits 32 Red Hat NPM Packages

Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. On Monday, hackers hit Red Hat’s NPM repository in a new supply chain attack, ...
Appuals

Fix: Bluetooth Disappeared from Device Manager

Bluetooth can disappear from Device Manager on Windows even when the problem started as a missing toggle in Settings. In some ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
The Wire

CBSE Is Under Fire Thanks to the Efforts of Teenagers

Ethical hacker Nisarga Adhikary's attention to the portal's vulnerabilities, the work of Sarthak Sidhant who looked at the ...
Statistics Canada

2021 Census: Enumerators now following up with dwellings

A census enumerator. Census enumerators safely collect the data that is vital to improving the lives of Canadians. June 10, 2021 – Ottawa, ON – Statistics Canada Statistics Canada thanks all Canadians ...