The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...
The New York Times

F.T.C. Settles With Express Scripts Over High Insulin Prices

The Trump administration announced that the company, a pharmacy benefit manager, had agreed to make significant changes to its practices. By Rebecca Robbins and Reed Abelson The reporters have ...
Redmondmag.com

GitHub Abuse Emerges in Twin Social Engineering Campaigns Spotted by Fortra, Trend Micro

Security researchers are tracking two separate GitHub-related threat campaigns that use the platform's infrastructure in different ways -- one to deliver vishing lures through legitimate GitHub ...
ConsumerAffairs

Express Scripts Reviews

I love Express Script, they are great! I get my meds cheap and the pharmacist are all helpful. I cannot say that for all customer service people but they do a great job as well. Just like every ...
CNBC

Cigna settles FTC insulin case, commits to overhauling drug pricing

Cigna Corp's Express Scripts has settled the U.S. Federal Trade Commission's claims its insulin pricing practices violated antitrust and consumer protection laws, and agreed to changes aimed at ...
Healthcare Dive

Express Scripts reaches ‘landmark’ settlement with FTC in insulin suit

The Federal Trade Commission has agreed to what it called a “landmark” settlement with Express Scripts, allowing the company to bow out of the agency’s lawsuit against major pharmacy benefit managers ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that evade standard code review.
GitHub

danielmeppiel/action-apm-cli

Enable AI-native development workflows in CI/CD. Automatic APM dependency resolution, AGENTS.md compilation, and Copilot CLI integration.