The Hacker News

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...
The Hacker News

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...
WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
MSN on MSN

3 unheard-of Linux tools that fix everyday command-line annoyances

If you've used Linux, you've undoubtedly experienced these problems, so why not take a look?

无需 WSL!Windows 原生一键部署 Hermes Agent:一条命令即可运行

HermesAgent是NousResearch打造的新一代自进化开源AI智能体框架,直击传统AIAgent部署门槛高、依赖繁杂的行业痛点——全程仅需数行命令即可完成部署,最低仅需256MB内存就能稳定运行。它彻底打破了普通聊天AI“只说不 ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...

Microsoft Build 2026 Highlights: From MAI-Code-1 to Project Solara, Here's What Microsoft ...

MAI models, GitHub Copilot desktop app, Project Solara, Windows dev tools, and the full agent stack explained.

My new favorite Windows app made my PC safer and more reliable - and it's free

Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...
ZAKER on MSN

用了一天腾讯的 Marvis,说说真实感受

前段时间 OpenClaw 小龙虾🦞爆火的时候,老狐就一直有个观点:让子弹再飞一会。 如果你发现这个 AI 对你的工作流没有太大帮助,那你完全可以等等大厂的作品。 千万别急着把工作和账号权限都交出去,毕竟隐私和安全这类问题,真不是我们作为“使用者”能去很好把握的尺度。
InfoWorld

Understand Python’s new lock file format

The newly approved Python Enhancement Proposal 751 gives Python a standard lock file format for specifying the dependencies of projects. Here’s the what, why, and when. Python Enhancement Proposal ...