The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
Graham Cluley

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.
Visual Studio Magazine

Slammed by Copilot Usage-Based Billing on Day 1, Facing $180 Bill for June

A journalist using GitHub Copilot Pro details how a broken editorial workflow on day one of usage-based billing led to runaway token consumption, a projected $180 monthly bill, and practical tactics ...

Inside the unseen operation to turbocharge Claude Code

An Anthropic project is using feedback from about 1,000 human software engineers to improve the performance of Claude Code, ...

Salesforce, Inc. (CRM) Discusses Product Innovation With Headless 360 and Slackbot Transcript

Discusses Product Innovation With Headless 360 and Slackbot May 29, 2026 2:00 PM EDTCompany ParticipantsValmik Desai - ...
Unite.AI

OpenAI Codex Review: I Built a Landing Page in 20 Mins

A recent Stack Overflow survey found that more than 84% of developers are already using or planning to use AI tools in their workflow. After trying OpenAI Codex for myself, I understand why. Like many ...

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...
XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...
Small Business

How AI is changing data subject access requests for SMEs

With the ease of producing letters with generative AI, SMEs might find themselves with more data subject access requests. Here's what to do Data subject access requests (DSAR) are formal requests made ...