The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Communications of the ACMOpinion

The Coming Commoditization of Computational Thinking

Reimaging professional and educational practices for an AI-augmented future.
Security Boulevard

AI Infrastructure LiteLLM Supply Chain Poisoning Alert

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
Dark Reading

Intermediaries Driving Global Spyware Market Expansion

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...