The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Graham Cluley

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...
Fox News

Are bank text codes enough to protect you?

Bank security can feel confusing because every account seems to handle it differently. One bank sends a text. Another sends an email. Another asks you to approve a login inside its app. So when ...
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
Hosted on MSN

US Air Force starts broadcasting encrypted nuclear Emergency Action Message codes

The US Air Force has issued two encrypted emergency codes typically used to transmit important military communications, sometimes related to nuclear command and control. The first Emergency Action ...
Forbes

Microsoft Is Phasing Out SMS 2FA Codes For Personal Accounts

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Lifehacker

Microsoft Is Eliminating SMS Codes for Two-Factor Authentication

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...
TechSpot

Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys

In brief: Despite dating back to 1993 and the GSM era, SMS codes remain fully active across authentication and identity verification workflows. Microsoft is among the bigger tech players pushing to ...
cybernews

Microsoft ditches SMS codes for sign-in, says there’s a more secure way to reach your accounts

Text-based codes can be intercepted by hackers who use SIM swapping attacks to redirect a victim's phone number to their own device. Passkeys are a safer option because biometric data stays on a ...