Dashlane explains how attackers managed to download encrypted password vaults

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
TechRepublic

6 Best Free Password Managers for 2026

A free password manager protects your logins but are they all safe? Discover the best free password managers in 2026. Keeping track of our online passwords has become a challenge in today’s world. Our ...
CBSSports.com

Best sportsbook promos and betting bonuses: June 2026

Not all sportsbook promos are created equal. Some welcome bonuses reward you just for signing up; others require a winning bet, a losing bet, or a very specific set of circumstances. We cut through ...