ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
InfoWorld

Beyond NPM: What you need to know about JSR

NPM, the Node Package Manager, hosts millions of packages and serves billions of downloads annually. It has served well over the years but has its shortcomings, including with TypeScript build ...
Ars Technica

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...
CSO Online

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

CyberStrikeAI lowers the barrier to complex cyberattacks by combining AI orchestration, MCP integration, and more than 100 ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...
Decrypt

Apple iPhone Hacking Kit Used By Spies, Crypto Scams Could Have US Intelligence Origins

Researchers said a sophisticated exploit kit with 23 iOS vulnerabilities is being used by espionage and cybercrime campaigns.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
Game Rant

ARC Raiders Players Find Yet Another Game-Breaking Exploit

After completing a degree in Film, Television, and Cultural Studies at Manchester Metropolitan University, I decided to pursue my love of writing and video games by entering the world of video game ...