The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...
CoinDesk

GoPlus Security H2 2025: Executing Through Market Stress as Web3 Losses Hit $4B

In the second half of 2025, GoPlus Security continued to reinforce its position as a foundational infrastructure layer within the Web3 security stack. Rather than signaling a strategic shift, H2 was ...
CSOonline

Hidden API in Comet AI browser raises security red flags for enterprises

SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream ...
Ars Technica

Python plan to boost software security foiled by Trump admin’s anti-DEI rules

The Python Software Foundation has rejected a $1.5 million government grant because of anti-DEI requirements imposed by the Trump administration, the nonprofit said in a blog post yesterday. The grant ...
InfoWorld

Working with Microsoft 365’s new Copilot APIs

Build AI into your enterprise content and knowledge management platform with 5 APIs that help you base your AI on enterprise data and speed up development. Microsoft has been adding AI features to its ...
Android Authority

Google Play’s latest security change may break many Android apps for some power users

Google’s updated Play Integrity API is making it significantly harder for users with rooted phones or custom ROMs to access certain applications due to enhanced security verifications. The update, now ...
SiliconANGLE

Snyk API & Web simplifies app security testing with AI-powered tools

Cybersecurity company Snyk Ltd. today announced the launch of Snyk API & Web, a new dynamic application security testing or DAST solution designed to meet the growing demands of modern and ...