The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

D Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...
GitHub

AWS SDK for JavaScript v3

The AWS SDK for JavaScript v3 is a rewrite of v2 with some great new features. As with version 2, it enables you to easily work with Amazon Web Services, but has a modular architecture with a separate ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Kelly Cates gives Jamie Johnson FC’s masculinity storyline the Match of the Day analysis for BBC Bitesize

Mental health expert Andrew Pain joins Kelly to analyse moments from key storyline from BBC football drama In a special video ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
CNX Software

Convert old IR remote controls into presentation clickers using an RP2040 USB board and open-source TTVKTR firmware

TTVKTR open-source firmware converts old IR remote controls into presentation clickers through Raspberry Pi RP2040 USB boards ...

What to Bring

Ticket holders who have purchased a ‘General Admission – Bring Your Own Chair’ ticket can bring one folding chair. Only one ...

Finn Mannion is the winner of BBC Radio Scotland Young Classical Musician 2026

Finn Mannion (Cello) has been named winner of BBC Radio Scotland Young Classical Musician 2026. The Grand Final brought three ...

Symphonic Pride – BBC Scottish Symphony Orchestra celebrates LGBTQ+ voices from Tchaikovsky to Chappell Roan

The BBC Scottish Symphony Orchestra marks the first day of Pride Month with the announcement of Symphonic Pride: We Have ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...