# Archive

Browse past daily curated stories

Jul 12 Jul 11 Jul 10 Jul 09 Jul 08 Jul 07 Jul 05 Jul 04 Jul 03 Jul 02 Jul 01 Jun 30 Jun 27 Jun 26 Jun 25 Jun 24 Jun 23 Jun 21 Jun 20 Jun 19 Jun 18 Jun 17 Jun 16 Jun 15 Jun 14 Jun 13 Jun 12 Jun 11 Jun 10 Jun 09

Sunday, July 12, 2026

  1. 1
    0
    The Hacker News general
    Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

    The jscrambler npm package version 8.14.0, published July 11, 2026, was found to contain a malicious preinstall hook that silently executes a Rust-based infostealer during installation across Windows, macOS, and Linux — requiring no import or CLI invocation. Socket detected the compromise just six minutes after publication. Supply chain attacks via trusted npm packages pose severe risk to CI/CD pipelines and developer environments.

  2. 2
    0
    BleepingComputer general
    New U-Boot flaws could enable stealthy firmware attacks

    Six vulnerabilities discovered in U-Boot, the widely deployed open-source bootloader used in embedded Linux devices, could allow attackers to execute malicious code during the boot process, enabling persistent firmware-level compromise that survives OS reinstalls. The flaws are particularly impactful given U-Boot's prevalence in routers, IoT devices, and industrial systems where firmware patching is often difficult or impossible.

  3. 3
    0
    The Hacker News general
    Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

    Attackers compromised the Injective Labs SDK GitHub repository and published malicious npm package @injectivelabs/[email protected], which embedded fake telemetry functionality to exfiltrate cryptocurrency wallet private keys and mnemonic seed phrases. The incident represents a classic software supply chain attack targeting the Web3/DeFi ecosystem, where a single compromised dependency can drain multiple users' wallets.

  4. 4
    0
    The Hacker News general
    Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

    Zimbra has issued an urgent patch for a critical stored XSS vulnerability in the Zimbra Collaboration Classic Web Client that allows specially crafted emails to execute arbitrary JavaScript in a victim's authenticated session. The flaw has not yet been assigned a CVE and affects organizations relying on the Classic Web Client interface for enterprise email.

  5. 5
    0
    SecurityWeek general
    ‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism

    'HalluSquatting' is a newly demonstrated attack technique that exploits AI assistant hallucinations — registering fake package or domain names that AI tools fabricate — to deliver malware and achieve remote code execution on victim systems. Researchers showed the technique can be used as a botnet delivery mechanism, turning a fundamental LLM reliability flaw into an active exploitation vector.

  6. 6
    0
    BleepingComputer general
    'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets

    'Ghostcommit' is a demonstrated prompt injection technique that embeds malicious instructions inside PNG image files to manipulate AI coding agents such as CodeRabbit and Bugbot, which never inspect image content. Researchers showed the attack could instruct a coding agent to read a repository's .env file and exfiltrate all secrets encoded as numbers within the codebase, bypassing AI-based code review entirely.

  7. 7
    0
    BleepingComputer general
    Former ransomware negotiator gets 4 years for BlackCat attacks

    Angelo Martino, a former DigitalMint cybersecurity employee hired to negotiate ransomware payments on behalf of victims, was sentenced to 70 months in federal prison for secretly working with the BlackCat/ALPHV ransomware group to extort those same clients. Separately, Armenian national Karen Vardanyan pleaded guilty to deploying Ryuk ransomware and faces up to 15 years in prison with nearly $1.2 million in restitution.

  8. 8
    0
    The Hacker News general
    Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

    Researcher Sébastien Féry disclosed an unpatched denial-of-service flaw dubbed XRING in XQUIC, Alibaba's open-source QUIC and HTTP/3 library, which allows any unauthenticated remote client to crash an HTTP/3 server using approximately 260 bytes of valid QPACK traffic. No patch was available as of the July 8, 2026 disclosure, posing risk to any service built on XQUIC.

  9. 9
    0
    The Hacker News general
    Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

    Ledger's Donjon security team demonstrated a laser fault injection attack against Tangem hardware crypto wallet cards that resets the card's PIN to an attacker-chosen value without knowledge of the original password — and affected cards cannot be patched. An attacker with brief physical access to the card can gain full control of the associated wallet and drain funds.

  10. 10
    0
    SecurityWeek general
    Network of 200 GitHub Repositories Used for Malware Infection

    Researchers identified a malware distribution network leveraging approximately 200 GitHub repositories, using Go modules to load PowerShell payloads that fetch a resolver from public dead-drop services before executing Windows malware. The infrastructure abuses GitHub's trusted reputation to evade network-based detection and demonstrates ongoing abuse of developer platforms for malware staging.