The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...
Macworld

Marvel at over 250 fixes and improvements coming in the Apple updates this fall

Macworld reports that Apple’s fall updates will deliver 263 fixes and improvements across iOS, iPadOS, macOS, watchOS, and ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

When Jeffrey Epstein Needed Favors, This Restaurant Mogul Was There

Stephen Hanson, whose empire included Blue Water Grill and Ruby Foo’s, was a devoted friend and wingman who helped manage and ...

How to Share a Link to a Particular Phrase

Modern browsers let you share a link that jumps straight to whatever text you wish to highlight. Here’s how the feature works ...
NPR

In Black America

June 7, 2026 • This week on In Black America, producer and host John L. Hanson, Jr. presents a conversation with Marion E. Orr, political scientist, professor of Public Policy and Political Science ...