The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
CNX Software

ESP32-S3 gets post-quantum encryption with Aethyr Edge Node open-source firmware

Aethyr Research has released post-quantum encrypted IoT edge node firmware for ESP32-S3 targets that boots in 2.1 seconds and ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
InfoWorld

PEP 816: How Python is getting serious about Wasm

Another big drawback: Any modules not written in pure Python can’t run in Wasm unless a Wasm-specific version of that module ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
Interesting Engineering

Video: China’s humanoid robot captivates crowd with smooth catwalk and illusion turn

LimX Dynamics unveiled its Luna humanoid robot, featuring LiDAR navigation, RealSense cameras, and a ROS-based software stack.
GitHub

Azure Virtual Desktop Automation

This repository demonstrates a reference architecture for automating Azure Virtual Desktop (AVD) onboarding and offboarding workflows using Infrastructure as Code and DevOps pipelines. The solution ...
GitHub

Zero-config local module autoloading for Momo Framework.

vendor/composer/autoload_psr4.php — rewritten from scratch with the merged namespace map. Absolute paths are replaced with $baseDir expressions to keep the file ...