The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

Web skimming attacks target major payment networks

Web skimming campaigns use obfuscated JavaScript code to steal credit card data from checkout pages without detection by ...

Hackers are using LLMs to build the next generation of phishing attacks

What if a phishing page was generated on the spot?

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...

Malicious GhostPoster browser extensions found with 840,000 installs

Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge ...
Infosecurity Magazine

Over 80% of Ethical Hackers Now Use AI

The vast majority (82%) of ethical hackers now use AI in their workflows, enabling companies to benefit from faster findings, more assessments, broader security coverage and higher quality reporting, ...
DataBreachToday

Magecart Hits Continue: Stripe Spoofing, Supply Chain Risks

Magecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...