The Hacker News

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical ...
The Hacker News

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft warns tax-season phishing hit 29,000 users via IRS lures, enabling credential theft and RMM-based access.
Cryptopolitan on MSN

GhostClaw targets developers to extract crypto wallet access

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...
SecurityWeek

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

The Tycoon 2FA phishing platform’s operations have been largely unaffected by the recent law enforcement takedown attempt.

iPhone users in South Africa a prime target

Phone users in South Africa have become potentially lucrative targets to cybercriminals using a new attack called “DarkSword.
腾讯网

“Windows原生应用开发早已乱成一团!”

这些年,如果你还在认真考虑“要不要做一个原生 Windows 应用”,大概率会很快陷入一种说不清的困惑。一方面,这个平台看起来从不缺“新东西”:从 Win32、MFC,到 .NET、WPF,再到后来的 UWP、WinUI ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...
Cyber Daily

Code security platform Trivy compromised by malicious packages

Unidentified threat actors have successfully compromised the GitHub repository for “all-in-one” security scanner Trivy, ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...