The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
The Hacker News

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

Magecart web skimming campaign active since 2022 stealing credit card and personal data from compromised e-commerce checkout ...

Target Hack Claims Surface as Source Code Allegedly Listed for Sale Online

Hackers claim stolen Target source code is being sold online after sample files appeared on public repositories.
PCMag

From AI Coding to QR Code Scams, 2026 Is Already a Security Nightmare

AI coding agents with exploitable vulnerabilities, cybercrime rings operating like professional enterprises, and new scam ...
Decrypt

DeadLock Ransomware Using Polygon Smart Contracts to Evade Detection

The ransomware family’s abuse of Polygon smart contracts echoes techniques recently seen in Ethereum-based attacks.
SecurityWeek

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities

Russian state-sponsored group APT28 has targeted energy research, defense collaboration, and government communication ...

DeadLock ransomware hides using exploited Polygon smart contracts

Cybersecurity firm Group-IB found the DeadLock ransomware is exploiting Polygon smart contracts to create a resilient ...
PCMag on MSN

FBI Warns About North Korean Hackers Adding Malicious QR Codes to Emails

Think before you scan. The FBI says a hacking group known as Kimsuky is targeting 'US entities' with emails that contain ...