Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

GitHub Investigates Major Hack Claim as TeamPCP Offers 4,000 Private Code Repositories for Sale

GitHub is investigating an alleged breach after TeamPCP claimed access to nearly 4,000 private repositories, though no impact ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
TechBooky

Hackers Abuse Microsoft Password Reset to Steal Data

Data is being stolen by a threat actor who is targeting Microsoft 365 and Azure production installations using assaults that ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

6 Best Free Inventory Management Software in 2026

Find the 6 best free inventory management software for small businesses in 2026. We review top tools like Odoo, Zoho, and ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...

Former Oakes Farms exec claims owner Alfie Oakes orchestrated fraud

A former Oakes Farms executive, accused of stealing millions from the company and its affiliates, claims he stole for the ...
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...