The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

Pittsburgh financial advisors: As national shortage approaches 100K, planning your transition is key

The decisions around transition, firm alignment, and eventual exit are already live conversations. The question isn’t whether ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

Success rate for basic training in Canadian military drops

Leaked internal report says the number of candidates who took multiple attempts to graduate has increased sharply ...
Foreign Affairs

What Drove Down America’s Fentanyl Deaths?

Among U.S. President Donald Trump’s first actions after returning to office in January 2025 was imposing new tariffs on Canada, China, and Mexico, which he accused of sending fentanyl to the United ...
Opinion
Foreign AffairsOpinion

The New Resource Curse

This episode joins a long list of embargoes, oil-price shocks, nationalization waves, and resource wars that have made petroleum the textbook case of commodity-driven instability. Yet the kinds of ...
GamingOnLinux

GameMaker is launching GMRT, a new modern runtime with source access

The popular game engine GameMaker continues advancing, with a new GMRT runtime that will give developers source access and ...

Why Ghana walked away from a US health deal

Talks between Ghana and the US over a bilateral healthcare deal have stalled, after Accra voiced concerns regarding sensitive ...

Schroder, Mobley rally Cavaliers in 4th quarter for 125-120 win over Raptors to take 3-2 series lead

Dennis Schroder scored 11 of his 19 points in the fourth quarter, Evan Mobley hit a pair of pivotal 3-pointers in the final ...

Gladiators star Giant: ‘I feel let down by the BBC – we’ve done nothing wrong’

Gladiators star Giant has shared his shock at being axed from the BBC show over his girlfriend’s OnlyFans job. The ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...