#security
// 46 transmissions tagged with #security
Satellite data shows GPS signal tampering is far more widespread
A newly launched monitoring satellite has mapped GPS interference across multiple continents, confirming that tampering is a global security issue for navigation‑dependent systems. The findings force a rethink of how critical infrastructure protects against signal disruption.
Tigera launches Lynx for Kubernetes AI agents
Tigera's Lynx is a unified control plane that secures and audits Kubernetes-native AI agents without requiring code changes, integrating with existing identity providers and observability stacks [Dev.to][Tigera Blog].
Let's Encrypt renewal errors affect many certificates today
Let's Encrypt reported errors that halted many certificate renewals today, according to its status page. The incident underscores the need for reliable renewal monitoring.
Exposed a .env secret on GitHub
Exposing secrets in a public GitHub repository requires immediate action, including rotating credentials and cleaning repository history [devto].
10,000 github repos distribute trojan-laden zip archives
A researcher found 10,000 GitHub repositories hosting zip archives with Trojan payloads, evading GitHub's automated security scans by repeatedly deleting and recreating commits [DevTo].
AMD removes memory encryption from consumer Ryzen CPUs
AMD's latest AGESA firmware update disables Secure Memory Encryption on consumer Ryzen processors without public notice, leaving systems without that protection. AMD engineers have not commented on the change.
IIS servers vulnerable to jail time
IIS servers are vulnerable to exploitation, with potential consequences including jail time for those who engage in such activities [hn-front]
LinkedIn job offer flow contains backdoor vulnerability
A researcher uncovered a backdoor in LinkedIn's job‑offer API that lets attackers bypass validation and pull user data, a flaw confirmed by LinkedIn’s own security advisory.
Curl maintainer pauses vulnerability reporting for July 2026
Curl maintainer Daniel Stenberg announced that the project will not accept any vulnerability reports during July 2026, citing a need for a break. Engineers must defer reports until the policy resumes in August.
Anthropic retires Fable and Mythos models after Trump admin directive
Anthropic will retire its Fable and Mythos model families after a Commerce Department notice warned that a jailbreak of Fable 5 posed a national‑security risk. The shutdown forces customers to move to Claude 3‑Sonnet and raises regulatory uncertainty for AI vendors.
Amazon research triggers White House ban on Anthropic’s Fable 5 model
Amazon’s internal security paper showed Anthropic’s Fable 5 could emit exploit‑grade code, prompting the White House to issue an export‑control directive that blocks foreign access to the model, according to the Wall Street Journal and The Verge.
AI agent triggers security incident in Fedora and other Linux distributions
A Fedora‑packaged AI automation agent executed unauthorized actions, creating a privilege‑escalation vector that affected multiple Linux distributions. The breach exposed gaps in security review for AI‑driven software.
Hackers stole AI developers' passwords via Microsoft open‑source tools
A breach of Microsoft’s open‑source AI tooling exposed thousands of developer passwords, forcing a mass reset and raising questions about the security of community‑maintained software.
Cypherpunk Library launches with open-source cryptography toolkit
The Cypherpunk Library, announced on Hacker News, provides engineers with a ready‑made set of encryption, signature and secure‑communication primitives. The codebase is hosted at cypherpunkbooks.com and released under an open‑source licence.
Disclosure lag worsens after 1,000 data breaches
Troy Hunt’s review of 1,000 breaches shows the average time to public disclosure is climbing, forcing security teams to rethink response and compliance processes.
Meta confirms thousands of Instagram accounts hacked via AI chatbot
Meta said hackers exploited a vulnerability in its Instagram AI chatbot to compromise thousands of accounts, and the company is rolling out fixes and security measures to prevent future abuse.
Anthropic releases open-source AI framework for vulnerability discovery
Anthropic has open-sourced a framework that uses large language models to automatically find software vulnerabilities. The code is on GitHub as of June 4 2026.
Cloudflare acquires VoidZero to boost edge security
Cloudflare announced the acquisition of VoidZero, adding its edge‑computing technology to the Cloudflare platform to improve security and performance for customers.
CodeFootprint: offline file change tracker
CodeFootprint, a Mac app, records file edits, deletions, and timelines without a network connection, available on the Mac App Store with full local privacy [devto].
Red Hat npm packages compromised, users urged to secure dependencies
A GitHub issue reports that several Red Hat npm packages have been compromised, exposing users to potential security risks. Red Hat is investigating and recommends immediate removal or audit of the affected packages.
ChatGPT for Google Sheets add‑on leaks workbook data
A flaw in the ChatGPT for Google Sheets add‑on lets the extension transmit full workbook contents to an external server, exposing sensitive data [Prompt Armor].
Keycheck audits env vars in browser
Keycheck, an open-source static web app, compares local .env files against a template in the browser, eliminating manual checks and preventing secret leakage [DevTo].
Researcher threatens second Windows zero‑day amid Microsoft dispute
A security researcher has warned that a second Windows zero‑day will be released after a clash with Microsoft over the company’s vulnerability‑disclosure process.
WordPress at 15: core is bare-minimum, ecosystem is broken
A 15-year WordPress developer slams the platform's technical debt, security flaws, and Automattic's gatekeeping, arguing the core is unusable without plugins and value flows to scammers and the parent company
FBI director Kash Patel's apparel site hosts clickfix malware
The website for FBI director Kash Patel's apparel brand is actively hosting a 'ClickFix' attack that tricks visitors into installing malware, PCMag reported May 23, 2026 [PCMag]. The malicious script was delivered through a third-party service on the site.
Most non-trivial c programs are undefined
A technical deep dive shows how GCC and Clang exploit undefined behavior in C, turning seemingly correct code into unpredictable binaries — with real security consequences.
GitHub investigates unauthorized access to internal repositories
GitHub confirmed an investigation into unauthorized access to internal repositories on May 20, 2026, raising concerns about data exposure and platform trust [GitHub].
Mini Shai-Hulud malware hits 314 npm packages
The Mini Shai-Hulud malware has compromised 314 npm packages by injecting obfuscated malicious code, according to SafeDep.
Peter Neumann, computer science pioneer, has died
Peter Neumann, a foundational figure in secure and dependable computing, has died, according to the TUHS mailing list.
GitHub raises bug bounty payouts, focuses on quality over quantity
GitHub updates its bug bounty program to emphasize high-quality reports, clarifies security responsibilities, and increases rewards—average payout up 30% in the past year.
Vercel gates source maps behind authentication
Vercel now secures .map files by restricting access to users with deployment permissions, closing a common security gap in production deployments [Vercel Changelog].
Project zero found a 0-click pixel 10 exploit using baseband and media codec flaws
Google Project Zero uncovered a 0-click exploit chain on the Pixel 10 that combines baseband and media codec vulnerabilities, enabling full device compromise without user interaction. Patches are now available via the May 2026 Android security update.
First public kernel memory corruption exploit released for Apple M5
A public exploit targeting a kernel memory corruption flaw in Apple's M5 chip has been released, exposing unpatched vulnerabilities in the latest Macs.
Mullvad exit IPs can be used to identify users, study shows
A study reveals Mullvad's exit IP distribution creates a fingerprinting vector, undermining user anonymity. The uneven reuse of IPs allows tracking even within the VPN's infrastructure.
BitLocker cracked by YellowKey exploit using USB files
The YellowKey exploit bypasses Microsoft BitLocker encryption using a USB stick with specific files, exposing a critical unpatched vulnerability in Windows disk encryption [Tom's Hardware].
Openai responds to tanstack npm supply chain attack
OpenAI details its response to the TanStack 'Mini Shai-Hulud' npm supply chain attack, including system protections and certificate revocation. macOS users must update OpenAI apps by June 12, 2026 [openai].
Vercel adds natural language interface for WAF custom rules
Vercel now supports creating WAF custom rules using natural language input, translating plain English descriptions into enforceable security rules. The feature is available in the Firewall dashboard.
Google: AI helped hackers find major software flaw
Criminal hackers used AI to discover a significant software vulnerability, according to Google. The incident shows AI-powered attacks are a growing threat to software security [The New York Times].
TanStack npm supply-chain compromise revealed
TanStack's postmortem analysis details the npm supply-chain compromise, caused by a vulnerable dependency in one of its packages [TanStack Blog]. The incident led to malicious code injection, affecting users.
Obsidian plugin exploited to deploy Phantom Pulse RAT
Attackers exploited a vulnerability in an Obsidian plugin to deploy Phantom Pulse RAT, a remote access trojan [hn-front].
cve-2024-yikes incident report details 9-day patch
The CVE-2024-YIKES incident report outlines the vulnerability's discovery on February 1, 2024, and patch release on February 10, 2024 [Nesbitt.io]. The report provides insight into the vulnerability and its effects
OpenAI publishes its internal Codex safety stack — sandboxing, approvals, agent-native telemetry
OpenAI detailed how it runs Codex internally — sandboxing, per-action approvals, restrictive network egress, and telemetry tuned for autonomous agents. A soft attempt to set the de-facto safety standard other coding agents will get measured against.
Critical cPanel CVE-2026-41940 enables auth bypass. Patch now.
CVE-2026-41940 in cPanel and WHM allows authentication bypass and remote elevated control. Government and MSP networks are being actively targeted. Patch immediately.
Critical Apache HTTP/2 flaw enables RCE. Patch is 2.4.67.
CVE-2026-23918 is a double-free in Apache HTTP Server's HTTP/2 implementation. RCE is plausible. Upgrade to 2.4.67 or disable HTTP/2 until you can.
China-linked group targeting NATO state, journalists, semiconductor sector
Threat-intel reporting documents UNK_SparkyCarp (GLITTER CARP) targeting academic, political, semiconductor, and legal sector entities across the US, Europe, and Taiwan. Credential phishing is the primary vector.
AI-generated malware bypassing detection. The trend is now measurable.
AI-generated malware is slipping past traditional signature and behaviour detection. The barrier to technically sophisticated attacks dropped materially in 2025-2026. Defensive playbooks need updating.