The Hacker News

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

Researchers uncovered 5GB of leaked credentials from JSONFormatter and CodeBeautify, exposing sensitive data across critical ...
The Hacker News

ToddyCat's New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

ToddyCat upgrades tools like TCSectorCopy and TomBerBil to steal corporate email and browser data, targeting Outlook and ...
Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...
Cryptopolitan on MSN

Over 80,000 sensitive password and key files leaked online

Researchers uncover more than 80,000 leaked passwords, keys, and sensitive files exposed on popular online code formatting ...
CSO Online

ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens

The new ToddyCat tooling shifts the group’s focus from browser theft to extracting Outlook mail archives and Microsoft 365 ...
MUO on MSN

I tested 5 open-source Figma replacements — one absolutely crushed the rest

Figma is one of the most popular design tools around. But when it announced its 2025 price hikes, I knew something had to ...

Shai-Hulud is back with a new campaign infecting more npm packages

According to findings from Wiz, over 25,000 npm packages have been compromised and over 350 users have been impacted.
InfoWorld

Developers left large cache of credentials exposed on code generation websites

A large trove of sensitive credentials, authentication keys, configuration data, tokens, and API keys has been potentially ...

A weekend ‘vibe code’ hack by Andrej Karpathy quietly sketches the missing layer of enterprise AI orchestration

Andrej Karpathy’s weekend “vibe code” LLM Council project shows how a simple multi‑model AI hack can become a blueprint for ...
InfoQ

Stripe's Zero-Downtime Data Movement Platform Migrates Petabytes with Millisecond Traffic Switches

Downtime Data Movement Platform, a system enabling petabyte-scale database migrations with traffic switches that typically ...

Shai-Hulud 2: New version of NPM worm also attacks low-code platforms

The attackers have learned from their mistakes and have now developed a more aggressive version of the worm. It has already ...

The right way to zip large files on Windows 11 PCs (and why it makes a big difference)

Compressing files is a practical Windows 11 skill for organizing your storage (and you don't need extra apps). Here's how.