The Hacker News

Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The Security-Privacy Paradox: How Data Encryption Fights Cybercrime And Terrorism While Sometimes Aiding It

This growth in illicit activity has pushed encryption to the center of debates about national security, law enforcement and ...
CoinDesk

Encryption Supremacy: Zcash and Privacy in the Age of Scale

CoinDesk Research maps five crypto privacy approaches and examines which models hold up as AI improves. Full coverage of ...
CoinDesk

A quantum computer may need just 10,000 qubits to empty your crypto wallets, researchers say

The research shows quantum computers may break bitcoin and ether wallet encryption with far fewer qubits than previously ...

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

When somebody sends you a document as an attachment, don't just open it. Use the free tool Dangerzone to scrub it clean of ...

New Torg Grabber infostealer malware targets 728 crypto wallets

A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...