The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...

700Credit Data Breach Exposes Sensitive Information of Millions Through Third-Party Failure

Financial technology company 700Credit has disclosed a significant data breach that resulted in the exposure of personal ...
InfoQ

API Platform Unkey Ditches Serverless After Performance Struggles

Developer Platform Unkey has written about rebuilding its entire API authentication service from the ground up, moving from ...
InfoQ

Lessons Learned From Building LinkedIn’s First Agent: Hiring Assistant

Karthik Ramgopal and Daniel Hewlett discuss the evolution of AI at LinkedIn, from simple prompt chains to a sophisticated ...
SecurityWeek

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist

Shai-Hulud 2.0 infected over 12,000 systems and exposed Trust Wallet keys that were used to steal $8.5 million from 2,520 ...
Security Boulevard

PQC-Hardened Model Context Protocol Transport Layer Security

When your mcp client talks to a server—maybe a retail bot checking inventory levels—they usually do a "handshake" to agree on a secret key. If you use ML-KEM, that handshake stays safe even if a ...