New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
USA Today

Native Florida rodent could go extinct, thanks to Burmese python

Burmese pythons, a prolific and invasive species of snake, could cause the extinction of an endangered rodent native to Florida. According to a recent paper, the populations of Key Largo woodrats and ...
app.com

ANY.RUN Releases Malware Trends Report for Q4 2025, Highlighting Key Threat Landscape Shifts

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 7, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence ...
BizTech

How Can Public and Private Key Encryption Protect Private Data?

As part of daily operations, small businesses may need to collect or exchange sensitive data that should be protected. It could be a financial transaction, a mailing address or some other personally ...
Science Daily

Scientists just sent unhackable quantum keys across 120 kilometers

Scientists have taken a major step toward ultra-secure quantum communication by demonstrating a remarkably stable quantum encryption system that worked across more than 120 kilometers of optical fiber ...
Wall Street Journal

‘Dark Screens’ Review: Encryption Enrichment

As Anja Shortland tells us in “Dark Screens,” one employee at Maersk’s head office in Copenhagen recalls “the surreal experience of watching his open-plan office going offline in a matter of seconds: ...
Dark Reading

VoidStealer Malware Darts Past Google Chrome's Encryption

In another sign that browsers continue to be a prime attack target, authors of the VoidStealer Trojan have uncovered a way to bypass a Chrome security feature designed to protect session cookies and ...
AppleInsider

New Mac malware goes straight for developer keys

Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on long-term persistence and avoid fast, visible attacks. The Mosyle security ...
CSOonline

Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege escalation, raising concerns about the future of browser data security. A new ...
Bleeping Computer

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. The ...