The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.
unite

NordPass Review: Store Unlimited Passwords for Free

Unite.AI is committed to rigorous editorial standards. We may receive compensation when you click on links to products we review. Please view our affiliate disclosure ...
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And More Linux Vulnerabilities

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
Bleeping Computer

Microsoft backpedals: Edge to stop loading passwords into memory

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was "by design." This behavior was ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...
Forbes

Microsoft Says Edge Password Security Vulnerability Is ‘By Design’—Is It Time To Switch To Chrome?

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
PC Magazine

Researcher Finds Microsoft Edge Stored Passwords Load in Plaintext

UPDATE 5/15: Amid backlash, Microsoft said it will " no longer load passwords into memory on startup.” The change is already available in the browser's Canary release, with the goal of rolling it out ...
Mashable

Microsoft Edge is storing passwords as plain text? Here's what Microsoft says.

UPDATE: May. 6, 2026, 9:40 a.m. EDT This piece was updated to include a statement from Microsoft. Password managers are supposed to make life easier for users by remembering their passwords and ...
Windows Central

Microsoft Edge will load all your passwords into memory in plaintext, but Microsoft says it's not a security concern

A security researcher has discovered that Microsoft Edge will load all your stored passwords into memory in plaintext at startup, making it easy for malware to scrape those passwords. When you ...
Computerworld

Edge browser leaves passwords exposed in plain text, says researcher

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being ...
Dark Reading

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

An attacker with administrative privileges can gain access to Microsoft Edge user passwords even when they're not in use, because the browser stores them in cleartext in process memory as part of a ...