Iran-linked hackers disrupt operations at US critical infrastructure sites

Hackers working on behalf of Iran’s Islamic Revolutionary Guard Corps have attacked US industrial sites before. In 2023, a ...

Hack-for-hire group caught targeting Android devices and iCloud backups

Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Anthropic’s Project Glasswing: An AI Model to Fight AI Cyberattacks

Discover Anthropic's Project Glasswing, a new cybersecurity initiative using the Claude Mythos model to combat AI-driven ...
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
Hackaday

Drawing Tablet Controls Laser In Real-Time

Some projects need no complicated use case to justify their development, and so it was with [Janne]’s BeamInk, which mashes a ...
GitHub

Python BF Hardline Hack 2025 Win

Enhance your Battlefield Hardline gameplay with this powerful Windows-based hack tool. Designed for the 2025 release, our project provides optimized features to dominate multiplayer matches, including ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...