The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.

Tired Of Windows 11's AI Bloat? Use This Tool To Remove It All In Seconds

It's no secret that Microsoft's drive to turn Windows 11 into an "agentic" AI-focused OS has been controversial, but being de ...
The Hacker News

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
Decrypt

Script to Nuke AI Features from Windows 11 Goes Viral Amid Privacy Backlash

A GitHub script that disables Copilot, Recall, and other AI components in Windows 11 is going viral, echoing ongoing concerns ...

Key handover in the dark: Syncthing fork community raises alarm

The repository of the popular Syncthing fork for Android disappeared from GitHub and reappeared under dubious circumstances – is this an open-source hack?
InfoWorld

10 MCP servers for devops

Tap these Model Context Protocol servers to supercharge your AI-assisted coding tools with powerful devops automation ...
GitHub

Supply Chain Guard Kit for GitHub Enterprise

A comprehensive, production-ready security framework designed to protect GitHub Enterprise organizations from sophisticated supply chain attacks. This solution combines runtime monitoring, ...