The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...
The Next Web

Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor

Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.
Accounting Today

Crowdsourcing Code: Embedding experts in every business unit

Firms are sourcing new solutions from field staff to expand their tools and upskill their professionals. They aren't just ...
TMCnet

Renesas Acquires Pictorus to Simplify and Accelerate Embedded Application Software Development

Renesas Electronics Corporation (TSE:6723, "Renesas"), a premier supplier of advanced semiconductor solutions, announced today that a Renesas subsidiary has completed the acquisition of software ...

Praxis: The First AI-Powered Autonomous Red Team Agent Goes Live

An AI terminal that thinks, adapts, and executes — turning natural language objectives into complete penetration test ...
Manila Bulletin

Microsoft warns of USB malware that drains crypto wallets

Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...