The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Gadget Review on MSN

Hacker used Claude and ChatGPT to breach multiple government agencies

Solo hacker used AI to breach 9 Mexican government agencies, exposing 195 million citizens' data in hours instead of weeks.

MCP, Agent Tool Access And The New Execution-Layer Security Gap

The execution layer has already shifted from humans to machines. This transition is not a future trend; it is the current ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Cryptopolitan on MSN

Hackers target crypto users with fake CAPTCHA

Crypto users are facing a new security threat via fake Cloudflare CAPTCHA pages. The attack installs an infostealer built to siphon crypto wallet data.
GitHub

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw!

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

How a Hacker Used Claude and ChatGPT to Breach Multiple Government Agencies?

Discover how a hacker exploited Claude and ChatGPT to breach government agencies. Learn about the AI-driven tactics used to ...