Trump says he is in no rush for an Iran deal that is far from finished
By Summer Said, Anat Peled and Alexander Ward

President Trump said Sunday he was in no hurry to complete an end-of-war agreement with Iran after spending weeks insisting Tehran had to quickly make nuclear concessions or face renewed attacks. ⌘ Read more

FBI director’s Based Apparel site has been spotted hosting a ‘ClickFix’ attack
Article URL: https://www.pcmag.com/news/kash-patels-apparel-site-is-trying-to-trick-visitors-into-installing-malware

Comments URL: https://news.ycombinator.com/item?id=48243293

Points: 16

# Comments: 4 ⌘ Read more

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. ⌘ Read more

GitHub’s Internal Repos Breached Via Employee’s Use of Malicious VS Code Extension
Longtime Slashdot reader Himmy32 writes: GitHub has announced on X that their internal repositories have been breached through a compromised VS Code Extension on an employee’s workstation. Bleeping Computer reported that the attack is linked to TeamPCP who have been in the news for a recent campaign affecting Checkm … ⌘ Read more

Microsoft Exchange Server Vulnerability Actively Exploited, in a Bad Week for Microsoft
Forbes describes it as “definitely already out there, and under active exploitation according to the U.S. Cybersecurity and Infrastructure Security Agency, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk.”

“We have issued CVE-2026-42897 to address … ⌘ Read more

Pieck Finger (XTER) [Attack on Titan] ⌘ Read more

California Law Limits ‘Recyling’ Logo in New Attack on Plastic Waste
“Most of the plastic waste in California is about to lose the recycling symbol,” writes the Washington Post’s “climate coach.”

The “chasing arrows” symbol, created in 1970 by a college student inspired by the burgeoning environmental movement, has been stamped indiscriminately on plastic bottles, clamshell takeout containers, chip bags and … ⌘ Read more

Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording
Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. ⌘ Read more

Ukraine verstärkt Angriffe auf Ölsektor
Im Kampf gegen die russischen Invasoren hat die Ukraine seine Angriffe auf Russlands Ölsektor heuer stark ausgeweitet. Am Freitag meldete die ukrainische Armee eine Attacke auf die drittgrößte Raffinerie Russlands in der Stadt Rjasan. In Kiew wurden nach der jüngsten russischen Angriffswelle – einer der schwersten seit Kriegsbeginn – die Flaggen auf halbmast gesetzt. Beim Einschlag einer russischen Rakete in einen Wohnblock waren 24 Menschen getötet worden. ⌘ Read more

Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming
An anonymous researcher known as Nightmare-Eclipse, who has already leaked several Windows zero-days this year, has disclosed two more: YellowKey and GreenPlasma. The Register reports: Nightmare-Eclipse described YellowKey as “one of the most insane discoveries I ever found.” They provided the files, which have to be loaded onto a USB drive, and if the attacker co … ⌘ Read more

Your iPhone Gets Stolen. Then the Hacking Begins
A bustling underground ecosystem is providing criminals with the tools to unlock iPhones—and wage phishing attacks against their contacts to access bank accounts and more. ⌘ Read more

Sam Altman Testifies That Elon Musk Wanted Control of OpenAI
OpenAI CEO Sam Altman took the stand Tuesday in Elon Musk’s trial against the company, testifying that Musk repeatedly sought control of OpenAI before leaving in 2018. Altman said he opposed putting AI “under the control of any one person,” while Musk’s lawyer used a pointed cross-examination to attack Altman’s trustworthiness. An anonymous reader shares … ⌘ Read more

Foxconn Ransomware Attack Shows Nothing Is Safe Forever
Famous for helping build Apple’s iPhones, Foxconn just suffered another cyberattack, highlighting the perils of warehousing some of the world’s most valuable data. ⌘ Read more

The Canvas Hack Is a New Kind of Ransomware Debacle
Wired describes the recent Canvas breach as an unusually disruptive ransomware-style extortion incident because one attack on Instructure’s learning platform temporarily paralyzed thousands of schools during finals and end-of-year assignments. The hackers using the “ShinyHunters” name claim more than 8,800 schools were affected, while Instructure says exposed data included … ⌘ Read more

卡巴斯基披露，上古软件 DAEMON Tools 爆大规模供应链攻击
DAEMON Tools 是一款有20多年历史的著名虚拟光盘工具，它可以把镜像文件虚拟成一张真实的光盘，广泛应用在上世纪的 Windows 电脑中。是的，它还活着。 感谢肯尼同学的提醒。 卡巴斯基近日披露：我们的专家发现了通过 DAEMON Tools 进行的大规模供应链攻击。攻击者设法将恶意代码注 ⌘ Read more

US Government Warns of Severe CopyFail Bug Affecting Major Versions of Linux
An anonymous reader quotes a report from TechCrunch: A severe security vulnerability affecting almost every version of the Linux operating system has caught defenders off-guard and scrambling to patch after security researchers publicly released exploit code that allows attackers to take complete control of vulnerable sys … ⌘ Read more

Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites
Hackers are actively exploiting a critical cPanel and WHM vulnerability, tracked as CVE-2026-41940, that allows remote attackers to bypass the login screen and gain full administrative access to affected web servers. Major hosts including Namecheap, HostGator, and KnownHost have taken mitigation steps or patched systems, bu … ⌘ Read more

New Linux ‘Copy Fail’ Vulnerability Enables Root Access On Major Distros
A newly disclosed Linux kernel flaw dubbed “Copy Fail” can let a local, unprivileged attacker gain root access on major Linux distributions, with researchers claiming the bug affects kernels shipped since 2017. “The POC exploit works out of the box today, but a future version that can escape from containers like Docker is promised soon … ⌘ Read more

OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts
OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks. ⌘ Read more

Elon Musk Testifies That He Started OpenAI to Prevent a ‘Terminator Outcome’
The judge also warned Musk and Sam Altman to curb their “propensity to use social media to make things worse outside the courtroom” after both sides traded attacks online. ⌘ Read more

Here’s How Much San Francisco Tech Companies Pay for Police Protection
A recent attack on Sam Altman’s home and OpenAI offices has put corporate security under renewed scrutiny. Records reveal how much some tech firms spend to arm up. ⌘ Read more

Google Studies Prompt Injection Attacks Against AI Agents Browsing the Web
Are AI agents already facing Indirect Prompt Injection attacks? Google’s Threat Intelligence teams searched for known attacks that would target AI systems browsing the web, using Common Crawl’s repository of billions of pages from the public web).

We observed a number of websites that attempt to vandalize the machine of anyone … ⌘ Read more

‘STAGED’: Conspiracy Theories Are Everywhere Following White House Correspondents’ Dinner Shooting
The word “staged” exploded on social media following the attack, as both right and left-wing influencers and anonymous accounts spread unfounded conspiracy theories. ⌘ Read more

Bitwarden CLI Is the Next Compromise In Checkmarx Supply Chain Campaign
Longtime Slashdot reader Himmy32 writes: Socket Security published an article on the compromise of the Bitwarden CLI client, which was pushed from Bitwarden’s client repository. This breach was the next in a chain of supply-chain attacks that have affected Checkmarx KICS and Aqua Security’s Trivy scanners.

The breach was quickly dete … ⌘ Read more

又是 npm 包投毒，密码管理器 Bitwarden CLI 中招（放心：本体安全）
密码管理器 Bitwarden 本体没有问题，命令行工具 @bitwarden/cli@bitwarden/cli 版本中招。如果你和你的 AI 不曾使用 CLI，就可以不管它。@Appinn 发生了什么？ 来自 socket.dev 的消息：攻击者入侵了 Bitwarden 的发布流程（CI/CD），把一个 ⌘ Read more

Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally. ⌘ Read more

[$] Dependency-cooldown discussions warm up
Efforts to introduce malicious code into the open-source supply
chain have been on the rise in recent years, and there is no indication that they
will abate anytime soon. These attacks are often found quickly, but not quickly
enough to prevent the compromised code from being automatically injected into other
projects or code deployed by users where it can wreak havoc. One method of avoiding
supply-chain attacks is to add a delay of a few days before pulling upates in what
is known as a “dep … ⌘ Read more

Florida Launches Criminal Investigation Into ChatGPT Over School Shooting
Florida’s attorney general has launched a criminal investigation into OpenAI over allegations that the accused gunman in a shooting at Florida State University last year used ChatGPT to help plan the attack. OpenAI says the chatbot is “not responsible for this terrible crime” and only provided factual information available from p … ⌘ Read more

Cal.com Is Going Closed Source Because of AI
Cal is moving its flagship scheduling software from open source to a proprietary license, arguing that AI coding tools now make it much easier for attackers to scan public codebases for vulnerabilities. “Open source security always relied on people to find and fix any problems,” said Peer Richelsen, co-founder of Cal. “Now AI attackers are flaunting that transparency.” CEO Bailey Pumflee … ⌘ Read more

CPUID Site Hijacked To Serve Malware Instead of HWMonitor Downloads
Attackers briefly hijacked part of CPUID’s backend and swapped legitimate download links on its site with malware-laced ones. “The issue hit tools like HWMonitor and CPU-Z, with users on Reddit and elsewhere starting to notice something wasn’t right when installers tripped antivirus alerts or showed up under odd names,” reports The Register. F … ⌘ Read more

[$] LWN.net Weekly Edition for April 9, 2026
Inside this week’s LWN.net Weekly Edition:

• Front: TPM attacks; arithmetic overflow protection; Ubuntu GRUB changes; kernel IPC proposals; fre:ac; Scuttlebutt.

• Briefs: Nix vulnerability; OpenSSH 10.3; Sashiko reviews; FreeBSD testing; Gentoo GNU/Hurd; SFC on router ban; Quotes; …

• Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

Avoiding supply chain attacks in Go
1 points posted by Elton Minetto ⌘ Read more

Top NPM Maintainers Targeted with AI Deepfakes in Massive Supply-Chain Attack, Axios Briefly Compromised
“Hackers briefly turned a widely trusted developer tool into a vehicle for credential-stealing malware that could give attackers ongoing access to infected systems,” the news site Axios.com reported Tuesday, citing security researchers at Google.

The compromised package … ⌘ Read more

@movq@www.uninformativ.de Yeah. Unfortunately. :-( I tried to bring up the subject of dependency upgrade reviews a few times, but nobody else cared. We finally experienced a supply chain attack (luckily, didn’t turn out too horrible for us, could have been worse) and this got the discussion slowly rolling again. So, publication of this article is perfect timing. Let’s see. Admittedly, I don’t have high hopes. And I bet someone suggests to use AI agents…

@lyse@lyse.isobeef.org Indeed. Very unpopular, though. I’ve long given up that fight at work.

In reality, there are too few real incidents. It doesn’t hurt enough. It’s always: “Something could happen!” But we’ve never been hit big time by an attack like this … so I just look like a paranoid idiot.

MacOS 26.4 Adds Warnings For ClickFix Attacks to Its Terminal App
An anonymous Slashdot reader writes: ClickFix attacks are ramping up. These attacks have users copy and paste a string to something that can execute a command line — like the Windows Run dialog, or a shell prompt.

But MacRumors reports that macOS 26.4 Tahoe (updated earlier this week) introduces a new feature to its Terminal app where it will … ⌘ Read more

Popular LiteLLM PyPI Package Backdoored To Steal Credentials, Auth Tokens
joshuark shares a report from BleepingComputer: The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gat … ⌘ Read more

Trapped! Inside a Self-Driving Car During an Anti-Robot Attack
A man crossing the street one San Francisco night spotted a self-driving car — and decided to confront its passenger, 37-year-old tech worker Doug Fulop. The New York Times reports the man yelled that “he wanted to kill Fulop and the other two passengers for giving money to a robot.”
A taxi driver would have simply driven away. But Fulop’s vehicle had … ⌘ Read more

Trivy Supply Chain Attack Spreads, Triggers Self-Spreading CanisterWorm Across 47 npm Packages
“We have removed all malicious artifacts from the affected registries and channels,” Trivy maintainer Itay Shakury posted today, noting that all the latest Trivy releases “now point to a safe version.” But “On March 19, we observed that a threat actor used a compromised credential…”

And … ⌘ Read more

iPhone Exploit DarkSword Steals Data In Minutes With No Trace
BrianFagioli writes: A new iOS exploit chain called DarkSword shows how attackers can break into certain iPhones, grab sensitive data like messages, credentials, and even crypto wallets, and then disappear without leaving obvious traces. It targets older iOS 18 builds using Safari and WebGPU flaws to escape Apple’s sandbox, which is pretty wild on its … ⌘ Read more

Polymarket Gamblers Threaten To Kill Journalist Over Iran Missile Story
An anonymous reader quotes a report from the Times of Israel, written by journalist Emanuel Fabian: On Tuesday, March 10, a massive explosion shook the city of Beit Shemesh, just outside Jerusalem, in yet another Iranian ballistic missile attack during the ongoing war. Rescue services scrambled to the scene in search of possible casu … ⌘ Read more

My twtxt instance is under a de-facto attack. Or, at this point, I can’t even differentiate an attack from the other in the constant barrage or malicious requests.

There were so many bots hammering it, in only 3 days, they consumed the ironically significant amount of 666 MB — I kid you not! In the last 24 hours, there were 59,673 hits on this endpoint alone.

I had to put my twtxt web interface behind a password-protected BasicAuth directive. As I’m the only one using it, it’s fine.

Bots, scrappers and Large Laggy Manglers are poisoning the open web.

@lyse@lyse.isobeef.org Hm, I’m not sure I would want to do that:

ForwardAgent
    ...

    Agent forwarding should be enabled  with  caution.   Users
    with  the ability to bypass file permissions on the remote
    host (for the agent's Unix-domain socket) can  access  the
    local agent through the forwarded connection.  An attacker
    cannot  obtain  key  material from the agent, however they
    can perform operations on the keys that enable them to au‐
    thenticate using the identities loaded into the agent.

** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to “store now, decrypt later” attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html

😱😱😱

US Cybersecurity Adds Exploited VMware Aria Operations To KEV Catalog
joshuark writes: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. VMware Aria Operations is an enterprise monitoring platform that helps organizations track t … ⌘ Read more

The 19th Century Silent Film That First Captured a Robot Attack
The Library of Congress has restored Gugusse et l’Automate, an 1897 short by Georges Melies that likely features the first robot ever shown on film. Long thought lost, the reel was discovered in a box of decaying nitrate films donated from a Michigan family collection. NPR reports: The film, which can be viewed on the Library of Congress’ websi … ⌘ Read more

America Used Anthropic’s AI for Its Attack On Iran, One Day After Banning It
Engadget reports:

In a lengthy post on Truth Social on February 27, President Trump ordered all federal agencies to “immediately cease all use of Anthropic’s technology” following strong disagreements between the Department of Defense and the AI company. A few hours later, the U.S. conducted a major air attack on Iran with … ⌘ Read more

After US-Israel Attacks, 90 Million Iranians Lose Internet Connectivity
CNN reports that images from Iran’s capital “have shown cars jammed along Tehran’s street, with heavy traffic on major roads after today’s wave of attacks by the US and Israel.” And though Iran has a population of 93 million, the attacks suddenly plunged Iran into “a near-total internet blackout with national connectivity at 4% of or … ⌘ Read more

Google Quantum-Proofs HTTPS
An anonymous reader quotes a report from Ars Technica: Google on Friday unveiled its plan for its Chrome browser to secure HTTPS certificates against quantum computer attacks without breaking the Internet. The objective is a tall order. The quantum-resistant cryptographic data needed to transparently publish TLS certificates is roughly 40 times bigger than the classical cryptographic material used today. Today’s X.509 c … ⌘ Read more

Hacker Used Anthropic’s Claude To Steal Sensitive Mexican Data
A hacker exploited Anthropic’s AI chatbot to carry out a series of attacks against Mexican government agencies, resulting in the theft of a huge trove of sensitive tax and voter information, according to cybersecurity researchers. From a report: The unknown Claude user wrote Spanish-language prompts for the chatbot to act as an elite hacker, finding vu … ⌘ Read more