The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
Wired

Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps

The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance. So one group of ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
CSOonline

The Gentlemen are coming for your files, and then your network

Microsoft’s analysis of the Gentlemen ransomware reveals a Go-based encryptor capable of spreading across networks, helping operators expand attacks beyond the initially compromised system. Ransomware ...
9to5Mac

iOS 26.5 gave Messages app encrypted RCS, here’s how to check it’s working

One of the many benefits of using iMessage is that you know your conversations are always end-to-end encrypted. That level of security has never previously extended to green bubble conversations. But ...
VentureBeat

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain incidents hit OpenAI, Anthropic and Meta in 50 days: three adversary-driven attacks and one self-inflicted packaging failure. None targeted the model, and all four exposed the same ...
Engadget

iOS end-to-end encrypted RCS messaging begins rolling today in beta

With today's release of iOS 26.5, Apple has begun rolling out beta support for end-to-end encrypted RCS messaging. As with all things RCS, there are some basic requirements both you and the recipient ...
Cult of Mac

These US carriers now support encrypted RCS messaging

Apple’s newly released iOS 26.5 update supports end-to-end encryption for RCS messaging between iPhones and Android devices. However, the feature requires the cooperation of wireless carriers.
Morningstar

Global Relay Simplifies Encrypted File Transfer Compliance via Partnership With SendSafely

Global Relay, a leading provider of integrated digital communications and mobile compliance solutions for highly regulated industries, has today announced a new integration partnership with SendSafely ...
HotHardware

This New Ransomware Is So Broken It Permanently Destroys Your Files Instead of Encrypting Them

Ransomware attacks have grown in complexity and frequency over the past decade, but as horrible as an attack can be, malicious actors often honor the ransom and decrypt files after receiving payment.