The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
Stratechery

Axios Supply Chain Attack, Claude Code Code Leaked, AI and Security

AI is going to be bad for security in the short-term, but much better than humans in the long-term. Subscribe to Stratechery Plus for full access. With Stratechery Plus you get access to the ...
Bleeping Computer

Cisco source code stolen in Trivy-linked dev environment breach

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to ...
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

Hard on the heels of a broad supply chain attack that impacted the Aqua Security-maintained Trivy open source security-scanner project, Checkmarx on Tuesday disclosed that attackers had compromised a ...
Putnam Daily Voice

Chili's Mocks Upscale Chain's Dress Code, Reveals Its Own Clothing Rule

The upscale chain recently updated its policy, according to a notice on its website outlining rules for dining room attire. "Kindly remove all hats when entering the restaurant," the policy states.
Visual Studio Magazine

Hands On with VS Code 1.112's New Image Analysis for Agents

VS Code 1.112 agents can now read image files from disk. The image carousel can open generated or selected images in chat. My PoC used three leaderboard screenshots to summarize model trade-offs.
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
financefeeds

Bitcoin Developer Stores 66KB Image On-Chain, Challenging BIP-110 Restrictions

What Did the Proof-of-Concept Show? Slovak Bitcoin developer Martin Habovštiak has embedded a 66-kilobyte TIFF image directly into the Bitcoin blockchain as a single contiguous transaction, disputing ...
istockphoto

Golden chain necklace with clover pendant stock illustration...

Royalty-free licenses let you pay once to use copyrighted images and video clips in personal and commercial projects on an ongoing basis without requiring additional payments each time you use that ...
Columbus Dispatch

Grok Image Scandal Exposes AI Accountability Gap as VeritasChain Releases CAP v1.0 Standard

After the Grok non-consensual image controversy, VeritasChain releases CAP v1.0, the first open standard to cryptographically prove AI content refusals. The Grok incident showed that AI providers ...