The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Self-Propagating npm Worm Hijacks Packages to Exfiltrate Developer Tokens
A worm is spreading laterally through the npm ecosystem by compromising maintainer accounts, injecting malicious payloads into published packages, and using har
Self-propagating npm worm steals dev tokens and republishes via hijacked publish rights
A worm-class supply-chain attack is moving through the npm registry by abusing publish tokens it finds on compromised developer machines. Socket and StepSecurit
Spain takes down Spanish-speaking world's largest manga piracy site, $4.7M seized
Spanish police dismantled what they describe as the largest Spanish-language manga piracy operation, running since 2014 and pulling in millions of monthly visit
SystemBC C2 Server Exposes 1,570+ Victims Tied to Gentlemen Ransomware Crew
A misconfigured SystemBC command-and-control server has leaked the operational footprint of The Gentlemen ransomware group, exposing more than 1,570 compromised
Teams Efficiency Mode lands in May to rescue low-spec PCs from Electron bloat
Microsoft is shipping an Efficiency Mode for Teams on Windows and Mac in early-to-mid May 2026, enabled by default on devices with constrained CPU and memory. T
Vishing Crews Now Run Like Sales Floors: Inside the Caller-as-a-Service Economy
Phone scam operations have matured into a segmented service economy that mirrors legitimate enterprise structure. Distinct specialists handle malware developmen
Windows Defender Weaponized: Exploits Turn the OS's Built-in Guard Against Users
Researchers have demonstrated techniques that subvert Windows Defender, converting Microsoft's default endpoint protection into an offensive instrument. By abus
AI Pilots Die in Production: The Gap Between Demo and Deployment
Most enterprise AI initiatives collapse in the handoff from proof-of-concept to production. The demo runs on curated data in a controlled environment with a nar
Anthropic Reinstates Sanction for OpenClaw-Style Claude CLI Reuse
OpenClaw's documentation confirms that Anthropic has given the green light — again — to reusing the bundled Claude CLI (`claude -p`) as a backend for third-part
Apache ActiveMQ flaw exploited in the wild, 6,400 servers exposed
A 13-year-old code injection flaw in Apache ActiveMQ (CVE-2026-34197) is under active exploitation, with Shadowserver counting more than 6,400 exposed instances
Apple names John Ternus CEO as Tim Cook moves to executive chairman
Apple's board has unanimously approved a leadership transition effective September 1, 2026: Tim Cook steps aside as CEO to become executive chairman, and hardwa
Apple names John Ternus CEO as Tim Cook steps down September 1
Tim Cook is vacating the Apple CEO role on September 1, 2026, ending a 15-year run at the top. John Ternus, currently Senior Vice President of Hardware Engineer