The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

MCP, Agent Tool Access And The New Execution-Layer Security Gap

The execution layer has already shifted from humans to machines. This transition is not a future trend; it is the current ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

SystemRescue 13.00: New tools for data recovery and analysis

SystemRescue 13.00 is here. The Linux distribution for administrators brings a new LTS kernel and updated file system tools.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The most innovative enterprise companies of 2026

Here’s why Figma, Microsoft, IBM, and Capital One are among Fast Company’s Most Innovative Companies in enterprise for 2026.

The invisible risk: Can you really trust your ‘private’ AI assistant to keep your secrets?

TECH AFFAIRS: Research by Israeli cybersecurity company Check Point found a weakness in ChatGPT’s system that could allow ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
eWeek

Anthropic's 'Claude Mythos' Leak Sparks AI Alarm

In this “Corey Noles speaks with Teradata Global AI Lead Dr. Chris Hillman, who explains that open data and technology ...