The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Dark Reading

Cyberattack on Mexico's Gov't Agencies Highlight AI Threat

Using Anthropic and OpenAI's AI systems — and a detailed playbook prompt — cyberattackers gained access to Mexico's agencies ...
Dark Reading

Indian APT 'Sloppy Lemming' Targets Defense, Critical Infrastructure

India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based ...
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

A Brain-Invading Worm Spread By Rats and Snails Has Reached California

A brain-invading worm spread by rats and snails is making inroads into the United States. A study this week seems to show the ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...

How CO₂-sensing neurons in a worm could eventually protect humans from metabolic stress

All animals, including humans, experience stress. Not the type where you worry about paying bills, but metabolic ...
CSO Online

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a ...
Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.
Independent Online

New virus worms itself into computers

Internet service providers have warned of a new virulent computer worm that is making its rounds across the Internet causing major problems to users. Called the W32/MiMail-A or WORM_MIMAIL.A the virus ...
TechRadar

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Lazarus Group evolving Operation Dream Job campaign to target Web3 developers New “Graphalgo” variant uses malicious dependencies in legitimate bare-bone projects on PyPI/npm ReversingLabs found ~200 ...