New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Analytics Insight

Crypto News Today: JINX-0164 Hackers Use Fake Meeting Links to Target Crypto Developers

JINX-0164 has targeted crypto developers through fake LinkedIn meeting invites that lead to macOS malware infections, ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...

Fritz SmartEnergy 250: PV battery control via emulation

If you use batteries with a balcony power plant, you can control them according to your needs. Can Fritz SmartEnergy 250 ...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
Biometric Update

Notre Dame researchers release open-source iris recognition tools built for NIST testing

The work addresses a gap in biometric testing, as NIST’s IREX has focused primarily on closed-source commercial iris ...
Pro-Linux

Sicherheit: Preisgabe von Informationen in python-urllib3

Plattformen: SUSE Linux Enterprise Micro 5.3, SUSE Linux Enterprise High Performance Computing 15 SP4, SUSE Linux Enterprise Server 15 SP4, SUSE Linux Enterprise Server for SAP Applications 15 SP4, ...
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...
NETGEAR

Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet

In collaboration with Google and the Shadowserver Foundation, CrowdStrike Counter Adversary Operations team struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing ...
Techzine Europe

CrowdStrike takes down Glassworm botnet

CrowdStrike, in collaboration with Google and the Shadowserver Foundation, has dismantled an international botnet that ...

CrowdStrike, Google shatter Glassworm botnet

CrowdStrike, working with Google and the Shadowserver Foundation, said it has taken down the Glassworm botnet, a self-propagating, credential-stealing worm that has targeted developers and spread ...