Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Android’s June 2026 System Update Brings Password Freedom, Clearer Discounts and More

Google is rolling out June 2026 system updates with easier password migration, revamped Play Store designs, and unified app ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have ...
Infosecurity Magazine

Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users

A 10-month Android malware campaign has used nearly 250 fake apps to sign victims up to premium services on their mobile bills, with hardcoded operator targeting for users in Malaysia, Thailand, ...
The Hacker News

Funnel Builder Flaw Exploited to Enable WooCommerce Checkout Skimming

A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages ...
GitHub

Android app to run on a set-top box and play video URLs "cast" to it with a stateless HTTP API (based on AirPlay v1).

There is no UI when the app starts. It's a foreground service with a notification, which runs a web server on port 8192. The IP address of the server is given in the notification message. When a video ...
GitHub

Meshtastic-Android

This is a tool for using Android (and Compose Desktop) with open-source mesh radios. For more information see our webpage: meshtastic.org. If you are looking for the device side code, see here. The ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible ...