The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Queerty

He started a new hookup app where gays can find a drill & get drilled. Is that what we need?

For years, Calum Bowden has fantasized about a new kind of gay digital platform. Rather than increase alienation, he wondered ...
ITWeb on MSN

The Open Group launches the Open Footprint® standard, edition 1.0 to streamline scope 1, 2, and 3 emissions management

The Open Group Launches the Open Footprint® Standard, Edition 1.0 to Streamline Scope 1, 2, and 3 Emissions ManagementBusiness Wire via ITWeb,SAN FRANCISCO, 02 Jun 2026The Open Group, the ...
Silicon Republic

Cloudflare acquires Vite maker Voidzero for an AI-native web

The best engineers I know are shipping more code than ever and writing less of it by hand,' said Cloudflare CEO Matthew ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
MUO on MSN

I tried every major Android browser, and the one I kept wasn't Chrome, Firefox, or Opera

The Android browser nobody recommends, but should.

KS3/GCSE Geography: River Test and UK chalk streams

Paul: It's time to head east, to the chalk hills of southern England. This unique landscape has given rise to some of my ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
cryptopolitan

Attackers trojanized Arweave’s WeaveDB npm package to deploy malware

A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...
SMEChannels

Cloudflare Bets on the AI-Native Future with Strategic Acquisition of VoidZero and the Vite Ecosystem

Cloudflare is redefining AI-era software development by integrating the world's most widely adopted modern web tooling ...

Unofficial script lets you install unreleased Windows 11 features without Microsoft Account0 0

This unofficial script enables users to install and access unreleased Windows 11 features while bypassing the requirement for ...

Southeast Nebraska speaks up: Letters to the editor for the week of Jun. 5, 2026

Our weekly round-up of letters published in the Lincoln Journal Star. Keep your eye on the ball, folks, even if it’s not ...