The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
CCN on MSN

Binance logins among 149 million credentials exposed in infostealer malware data dump — here’s what you should know

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...
MIT Technology Review

Rules fail at the prompt, succeed at the boundary

Put rules at the capability boundary: Use policy engines, identity systems, and tool permissions to determine what the agent ...

Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized ...

Nike investigates data breach after extortion gang leaks files

Nike is investigating what it described as a "potential cyber security incident" after the World Leaks ransomware gang leaked ...
The Hacker News

Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities

Pakistan-linked hackers targeted Indian government entities using phishing, Google services, Golang malware, and GitHub-based ...