Notepad++ updates got hijacked for months and could have spied for China

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Notepad++ says Chinese government hackers hijacked its software updates for months

The developer of the popular text editor Notepad++ said hackers associated with the Chinese government hijacked its software ...

Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
PCQuest

One command, full recon: Why AutoPentestX matters for Linux pentesters

AutoPentestX is an open-source Linux penetration testing toolkit that automates scanning, CVE mapping, and reporting without ...
Security Boulevard

AI-powered penetration testing: Definition, Tools and Process

AI-powered penetration testing is an advanced approach to security testing that uses artificial intelligence, machine learning, and autonomous agents to simulate real-world cyberattacks, identify ...
Hackaday

Writing An Optimizing Tensor Compiler From Scratch

Not everyone will write their own optimizing compiler from scratch, but those who do sometimes roll into it during the course ...
Morning Overview on MSN

Researchers warn open-source AI is a gold mine for cybercriminals

Open models were supposed to democratize artificial intelligence. Instead, security researchers now say they are handing cybercriminals industrial grade tools that can be downloaded, modified, and ...
Cyber Daily

Infamous North Korean hacking group divides in order to conquer

CrowdStrike shared its observations of the LABYRINTH CHOLLIMA – which itself operates under the wider umbrella of the Lazarus Group – hacking collective this week, noting that it had effectively split ...