Shai-Hulud Worm Returns: 300+ NPM Packages Compromised
The npm Shai-Hulud worm has returned with 300+ compromised packages. GitHub's September fixes failed to stop the self-replicating malware spreading through Zapier, PostHog, ...
OpenAI’s Age Prediction Backlash: Adult ChatGPT Users Revolt
OpenAI’s age verification system just went live, and paying subscribers are furious. The AI-powered age ...
MCP Security Startup Runlayer Raises $11M as Protocol Creator Joins Advisory Board
MCP security startup Runlayer emerged from stealth with $11M from Khosla Ventures and 8 unicorn ...
Meta Buried Evidence Instagram Harms Children – Court Filing
Court filings unsealed Nov 22 reveal Meta buried research proving Instagram harms children's mental health. ...
Browser Fingerprinting: Privacy Nightmare You Can’t Clear
Hacker News developers are alarmed: 662 upvotes and 386 comments today on a story about ...
Windows 11’s AI Agents: Privacy Invasion or Convenience?
Microsoft announced Agent Workspace at Ignite 2025 on November 18, 2025—just four days ago—giving Windows 11 background AI agents read and write access ...
Google Killed Privacy Sandbox: Third-Party Cookies Live On
After 4 years and 5 delays, Google abandoned cookie deprecation. Privacy Sandbox failed. Why developers ...
AI Code Reviews Are Security Theater: Why False Positives Win
Your AI code reviewer just approved the code that will cause next month’s security incident. ...
GitHub’s AI Now Writes Security Fixes – And Creates PRs
GitHub Code Scanning Auto-Fix AI writes security patches. 85% accurate, 40-60% faster, but 15% wrong. ...
Okta’s AI Copilot Hallucinated a Fake Author on Security Fix
GitHub Copilot invented a fake person when Okta maintainer used AI to commit a security ...