New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...

7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold out

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about Edge browser handling passwords in plaintext, JDownloader getting hacked, and the TAB key.

Instagram encrypted messaging ends today, May 8: How to download your DM data before it becomes public

Instagram's end-to-end encrypted messaging will cease support on May 8, 2026, allowing Meta to access message content. Users ...
SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
CSO Online

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
ScienceAlert

Sir David Attenborough Is 100, And The World Is Celebrating a Living Legend

Alongside other globally renowned voices such as the late, great Jane Goodall, Attenborough's work telling the stories of ...
The Hacker News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.
Windows Report

Fake OpenAI Privacy Filter Repo on Hugging Face Spread Infostealer Malware

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...

PSA: Instagram Encrypted Messaging Ends on Friday, May 8

Instagram will remove end-to-end encryption for direct messages between users from May 8, 2026. When the date comes around, ...

iOS 26.5 Brings End-to-End Encryption to iPhone-Android RCS Messages

End-to-end encryption (E2EE) for RCS messages between iPhone and Android devices is coming in iOS 26.5, Apple confirmed today ...