Sleep Number files for bankruptcy as Canadian retailer submits $415M bid

Sleep Number Corp. will be acquired by Sleep Country Canada as part of its Chapter 11 restructuring. The two combined will ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

General contractor files Chapter 11 with $7M in debts

This general contractor has $60.9 million in revenue in 2025. South Florida supplier files Chapter 11 with $8 miilion in ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Trusted Tools Become Malware Delivery Routes Arabian Post

Trusted Tools Become Malware Delivery Routes Arabian Post. clearfix> <?xml encoding=UTF-8>Attackers are increasingly abusing legitimate system utilities and widely used administrative tools to deliver ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
InfoQ

NodeJS Proposes Built-In Virtual File System, Sparking Debate over AI-Generated Contributions

Matteo Collina has proposed a Virtual File System (VFS) for Node.js core through the node:vfs module. The proposal includes about 19,000 lines of code and addresses common workflow challenges. While ...