The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.
Infosecurity Magazine

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Wired

A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon

The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware. The ad ...
siliconera

.hack Character Plush Merchandise Returns

Following CyberConnect2 announcing the return of the .hack series with a new game, it also brought back character merchandise from games and anime adaptations in the form of plush toys. While there’s ...
Polygon

Classic RPG franchise returns with new game after 14 years

Fourteen years after the last titles in the .hack series, CyberConnect2 is celebrating the studio's 30th anniversary by unveiling .hack//Z.E.R.O., also known as "Project Dusk." With no release date ...
Deadline.com

‘Hacks’ Co-Creators Play Coy About Show’s Future Beyond Season 5, Tease “Satisfying” Conclusion & Joke About Possible Movie

Since its 2021 premiere, Hacks has been a major awards and critical darling, if not ratings giant, due to its sharp writing, superb performances and industry skewering. So it’s no surprise that no one ...
techtimes

Notepad++ Hack Reveals Six-Month Backdoor Breach Targeting Millions of Users

Notepad++, one of Windows' most widely used text editors, has confirmed a major security breach after its update infrastructure was compromised for nearly six months. Developers say suspected China ...
GameSpot

Ubisoft Is Sending Out Compensation To Rainbow Six Siege Players Over Hack

GameSpot may get a commission from retail offers. It was anything but a wonderful holiday season for Ubisoft's Rainbow Six Siege players. Following a massive hack that dumped billions of credits into ...
Wall Street Journal

Oracle Hack Still Generating Ransom Demands

A growing number of companies are facing ransom demands from hackers who stole sensitive data through security flaws in widely-used Oracle business software nearly six months ago. The breach, which ...
Bleeping Computer

Hackers claim to hack Resecurity, firm says it was a honeypot

Update: Article updated to reflect that the ShinyHunters says they were not involved in this activity. We have updated our story and title. Threat actors associated with the "Scattered Lapsus$ Hunters ...