The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

OpenAI files confidentially for IPO, but tells the world about it

The race is on, with OpenAI announcing its own confidential filing for an IPO just a week after Anthropic revealed its IPO ...
Telegraph HeraldOpinion

Farm & Food File: Big Bacon's Farm Bill carve-out needs to be carved out

Farm Bills often are loaded with special interest lard that favors, say, crop insurance companies, international grain ...

Meta files plans for first D.C.-area retail outpost at Tysons Corner Center

Retail makeover of former Lorton prison is complete with last lease How Bill Fuchs saved — and then grew — a beloved D.C.

Security News This Week: Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...

How to live for a week without ultraprocessed foods, according to our health reporter

On June 4 at 1 p.m. ET, Kelly Grant answered reader questions about her family’s week without ultraprocessed foods (UPFs) and ...
Infosecurity Magazine

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...
The Caledonian-Record

NUBURU Files Golden Power Notification for Majority Acquisition of Tekne, Launching Formal Review by the Italian Government

A subsidiary of NUBURU, Nuburu Subsidiary, Inc. fully owns Lyocon S.r.l. (“Lyocon”), an Italian laser-technology company specializing in the design, manufacturing, and integration of high-power ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...