The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake ...
The Hacker News

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

To safeguard against this line of attack, organizations are recommended to restrict B2B collaboration settings to only allow ...
The Hacker News

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection ...
The Hacker News

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Bloody Wolf targets Kyrgyzstan and Uzbekistan with Java-based loaders delivering NetSupport RAT in sector-wide phishing ...
The Hacker News

Gainsight Expands Impacted Customer List Following Salesforce Security Alert

According to information from Salesforce, reconnaissance efforts against customers with compromised Gainsight access tokens ...
The Hacker News

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

FBI flags $262M in account-takeover losses while researchers track AI-boosted phishing, fake stores, and holiday scam domains ...
The Hacker News

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

RomCom just hit a US engineering firm via SocGholish for the first time, deploying Mythic Agent before defenders cut the ...
The Hacker News

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
The Hacker News

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

Qilin has emerged as one of the most active ransomware operations this year, with the RaaS crew exhibiting "explosive growth" ...
The Hacker News

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

Researchers uncovered 5GB of leaked credentials from JSONFormatter and CodeBeautify, exposing sensitive data across critical ...
The Hacker News

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

ClickFix has become hugely successful as it relies on a simple yet effective method, which is to entice a user into infecting ...