I knew about North Korean hackers—they still tricked me and got into my computer

A source reached out to me over Telegram. I didn’t realize his account was compromised until it was almost too late.
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

How a Hacker Used Claude and ChatGPT to Breach Multiple Government Agencies?

Discover how a hacker exploited Claude and ChatGPT to breach government agencies. Learn about the AI-driven tactics used to ...

A maverick hacker got Mac OS X running on a Wii

You may already know that emulators can run Wii games on a Mac. But one developer has flipped the script. Bryan Keller now ...

OpenAI responds to Axios HTTP hack by updating security certificates.

When hackers got access to an account belonging to the maintainer of Axios they inserted a script that granted remote access to users’ Windows, macOS, and Linux devices. This malicious version ...

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

Hackers are using WhatsApp messages to deliver malware to Windows PCs, exploiting user trust and attachments to trigger ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Now that's different - hackers use miniature SVG images to try and hide credit card stealer

Card skimmers were found in 1x1 pixel SVG images, apparently deployed through PolyShell.

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...