The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Microsoft had to shut down 70+ GitHub repos after getting hacked, brings back some

Microsoft had to disable more than 70 GitHub repos this week after a nasty password-stealing malware infected them.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
CoinDesk

Humanity Protocol token crashes more than 80% after a $32 million private-key hack

Humanity Protocol's H token crashed more than 80% after attackers stole the private keys behind the project and drained more than $30 million, the latest in a year of crypto thefts that go after keys ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Decrypt

Humanity Protocol Loses $36M After Private Keys 'Compromised,' Token Crashes 73%

The decentralized identity protocol said a compromised employee's laptop let attackers seize its bridges and mint tokens at ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...