The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document ...
Chiang Rai Times

How to Protect AI, Data, and Apps in the Cloud (2026)

That’s according to recent reports from SentinelOne and Fortinet. Meanwhile, AI speeds up attacks, automating exploits and creating deepfakes that hit faster than ever. You deal with prompt injection ...

Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation ...

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.

In a first, a ransomware family is confirmed to be quantum-safe

A relatively new ransomware family is using a novel approach to hype the strength of the encryption used to scramble ...