The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.

Your passkeys could be vulnerable to attack, and everyone - including you - must act

When a clickjack attack managed to hijack a passkey authentication ceremony, were password managers really to blame? ZDNET's investigation reveals a more complicated answer.
The Independent

Beware the QR code: How a new scam is costing consumers £10,000 per day

Whether you’re ordering drinks to your table in a pub or want to pay for car parking, QR codes make life simple. A quick scan of a black-and-white grid on your mobile phone takes you straight to a ...
itc.ua

A hacker hacked Burger King through the password "admin", which was just in the HTML

A “white” hacker has hacked Burger King — and it turned out to be much easier than expected. Someone left the password “admin” right in the site’s code. The “ethical” hackers BobDaHacker and ...
Daily Mail

Russia's mysterious 'Doomsday Radio' broadcasts two new codewords

Russia's mysterious 'Doomsday Radio' came to life on Monday, sending out two cryptic voice messages to unknown listeners. The Cold War-era shortwave station has been broadcasting a continuous, ...
The Independent

Google issues warning to billions of Gmail users over password hack

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or ...
PC World

I use a Windows QR code to make sharing Wi-Fi login credentials easy. Here’s how

Have you ever found yourself having to constantly write out or say your Wi-Fi login and password to family and friends that visit or stay over? I know I have. A simple solution to that problem is to ...
Mint

Mint Explainer: Breaking down the key proposals in the Insolvency and Bankruptcy Code Amendment Bill, 2025

Finance and corporate affairs minister Nirmala Sitharaman tabled the Insolvency and Bankruptcy Code (Amendment) Bill, 2025, in the Lok Sabha on Tuesday. The proposed amendments aim to reduce ...
AOL

How to Stay Safe After the 16 Billion Password Leak

Hackers have exposed 16 billion login credentials, including passwords, in what researchers at Cybernews are calling one of the largest data breaches ever in existence. You don't need to panic, but ...
ZDNet

Best password managers for iPhone 2025: My favorite iOS password managers for locking down online accounts

'ZDNET Recommends': What exactly does it mean? ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including ...
PC Gamer

A single guessed password has led to a cyberattack that put a fully insured 158-year-old company out of business despite security practices being up to code

It may just be a recurring nightmare for me, but one employee's weak password has led to the close of an entire company. According to the BBC, that's all it took to take down the 158-year long running ...
The Hacker News

PoisonSeed Attack Turns Out to Be Not a FIDO Bypass After All

Cybersecurity firm Expel, in an update shared on July 25, 2025, said it's retracting its findings about a phishing attack that it said leveraged cross-device sign-in to get around FIDO account ...