The Hacker News

âš¡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

The Missing Context Layer: Why Tool Access Alone Won’t Make AI Agents Useful in Engineering

A pattern is emerging: giving an agent access to tools is not the same as giving it the ability to use them well.
Crypto Briefing

CertiK unveils AI Auditor to improve early detection of blockchain vulnerabilities

CertiK launches AI Auditor to enhance real-time web3 security, focusing on early risk detection and smart contract vulnerabilities.
Cybernews

European Commission breach linked to Trivy attack, 29 EU entities at risk

A new CERT-EU report ties the European Commission cloud breach to the Trivy supply-chain attack and TeamPCP, before ...

OpenMetal Positions Bare Metal Infrastructure at the Center of Enterprise Computing’s Next Era

Surging demand for dedicated infra, hardware-level security, and predictable costs is driving a fundamental shift in ...
Security Boulevard

7 Identity and API Security Tools Modern SaaS Teams Should Evaluate in 2026

Discover 7 essential identity and API security tools for modern SaaS teams. Expert comparison of SSO, DAST, MCP security, and passwordless authentication tools ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor is systematically targeting cloud credentials, SSH keys, authentication tokens, and other sensitive secrets stored in automated enterprise software build and deployment pipelines after ...
The Patriot Ledger

Fundy Software Launches Album Cover Materials Designer, an Industry-First Tool for Photographers

New feature empowers photographers to design and preview album cover materials with unprecedented speed and flexibility OR, UNITED STATES, March 13, 2026 ...