The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Massive regional C2 footprint More than 1.3K C2 Servers Discovered in the Middle East Hunt.io said it identified more than ...

CBSE test website had 'master password' that could be used to tamper marks, claims 'hacker' Nisarga Adhikary

CBSE has denied that the actual evaluation portal was compromised, saying the vulnerabilities highlighted by the teenager related only to a “testing site”.