The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in ...

Russia’s military hacks thousands of consumer routers to steal credentials

The Russian military is once again hacking home and small office routers in widespread operations that send unwitting users ...

Russian government hackers broke into thousands of home routers to steal passwords

Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication ...

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, ...

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.

A.I. Is on Its Way to Upending Cybersecurity

With new systems from companies like Anthropic and OpenAI, hackers can attack with greater speed. The defense is more A.I.
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.