The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild service exposed several AWS-managed GitHub repositories to ...

Claude Code just got updated with one of the most-requested user features

For the end user, this update is seamless: Claude Code simply feels "smarter" and retains more memory of the conversation.
The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...
GovInfoSecurity

Magecart Hits Continue: Stripe Spoofing, Supply Chain Risks

Magecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign ...

Why Anthropic Fenced Off Claude Code from Third-Party Tools

Developers face new Claude Code limits as Cursor and OpenCode lose access, giving you clear steps to switch or handle added ...

Ory Partners with HID to Deliver First Enterprise FIDO2 Identity Platform of the Converged Physical and Digital Era

With Converged Physical and Digital Access Control, Enterprises Can Achieve a Unified Security Posture that Replaces ...

A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub ...

TRX Options Launch on Deribit by Coinbase, Expanding Institutional Access to the TRON Ecosystem

Geneva, Switzerland, January 14th, 2026, FinanceWireTRON DAO, the community-governed DAO dedicated to accelerating the ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...