The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

New Bluekit phishing service includes an AI assistant, 40 templates

A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for ...
Computer Weekly

Cyber experts take an optimistic view of AI-powered hacking

During the annual CETaS showcase in London, experts discussed the potential cyber risk of tools such as Claude Mythos.

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...