The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

Qdrant Cloud launches high-performance vector database features for AI workloads

Open-source vector database startup Qdrant Solutions GmbH today announced three new enterprise-grade capabilities on its ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.
CNET

Phone-Maker Nothing Revives Android-to-Computer File Sharing Tool

The London-based consumer electronics brand released and then removed its new file-sharing app in favor of a more cumbersome ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
Tax Guru

GSTN Issues Advisories on Appeals, Pre-Deposit, GSTR-3B Interest & IMS Tool

Taxpayers were unable to file appeals when demand orders reflected zero liability despite disputes. The advisory clarifies that rectification must be sought to enable appeals and protect statutory ...

With WonderCMS, I was able to get my business online in just a few steps

The article will also show you why WonderCMS is a robust, small solution that suits experienced developers and new users who ...

ComfyUI Raises $30M at $500M Valuation to Scale Open-Source AI for Creative Production

Open-source AI workflow platform surpasses 4M users and 50K daily downloads as investors back creator-first infrastructureSAN FRANCISCO, April 24, 2026 (GLOBE NEWSWIRE) -- Today, ComfyUI announced a ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...
MUO on MSN

4 open-source design tools that don't require a monthly subscription

Let your imagination (and wallet) run free.
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...