GhanaWeb - Ghana HomePage

Popular Open-Source Package Stole User Credentials: What It Means for Ghanaian Developers

A widely used open-source tool stole passwords and API keys from over 1 million users. Here's what Ghanaian developers need ...
Cryptopolitan

Hackers plant 73 sleeper extensions in OpenVSX to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...
Wall Street Journal

AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.

The software bug was capable of crashing an operating system used by firewalls, servers and network appliances. It went undetected for over 27 years. Last month, it was caught by Mythos, the latest AI ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, opening up new strategic vulnerabilities and new pathways to geopolitical ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...
Morning Overview on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware disguised as a Microsoft Teams error fix, turning one of the most popular ...
Gizmodo

As Meta Flounders, It Reportedly Plans to Open Source Its New AI Models

To say Meta’s attempts to become a leader in AI have thus far fallen short would be like calling Mount Everest a short hike. But the company is pot-committed to the project, with plans to spend more ...
The Verge

More open source AI models from Meta, though not right away.

Meta will “eventually” offer open source versions of its new AI models Alexandr Wang is in charge of, but first, the company “wants to keep some pieces proprietary and to ensure they don’t add new ...
CoinTelegraph

Drift Protocol says $280M exploit took 'months of deliberate preparation'

Drift Protocol said with “medium-high confidence” that the recent attack was carried out by the same actors responsible for the $58 million Radiant Capital hack in October 2024. Drift Protocol, the ...