Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Illinois man admits to hacking Snapchat accounts to steal nude photos

An Illinois man pleaded guilty on Wednesday to phishing the Snapchat access codes of nearly 600 women in order to hack their accounts and steal nude photos, which he kept, sold or traded on the ...
HackadayOpinion

How Vibe Coding Is Killing Open Source

Does vibe coding risk destroying the Open Source ecosystem? According to a pre-print paper by a number of high-profile ...
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Francophones are hacking an internet built for English

Young people are taking to social media and other platforms to carve out algorithmic spaces for French speakers ...

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

As of this writing, the game is currently sitting at a “Very Positive” review score on Steam, having amassed roughly 1,876 reviews and, according to VG Insights, over 113,000 individual purchases.
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...
dlnews

A16z Crypto wants DeFi to ditch ‘code is law’ for ‘spec is law’ to combat $649m exploit problem

DeFi protocols must adopt a more principled approach to security to mature. They could use standardised specifications that constrain what a protocol is allowed to do. Many protocols are already ...