The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Make Tech Easier

Malware Ridden Fake CAPTCHAs Make Me Hate CAPTCHAs Even More

Is that CAPTCHA you just encountered real? Find out how fake CAPTCHAs are installing hidden malware and how to stay safe.
Ars Technica

Poland’s energy grid was targeted by never-before-seen wiper malware

Researchers on Friday said that Poland’s electric grid was targeted by wiper malware, likely unleashed by Russia state hackers in an attempt to disrupt electricity delivery operations. A cyberattack, ...
Bleeping Computer

New Android malware uses AI to click on hidden browser ads

A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. The mechanism relies on visual ...
Infosecurity-magazine.com

VoidLink Linux Malware Was Built Using an AI Agent, Researchers Reveal

VoidLink, the recently discovered Linux malware which targets Linux-based cloud servers, was likely almost entirely generated by AI, researchers have said. First detailed by cybersecurity analysts at ...
PC World

This fake ad blocker malware impersonated uBlock Origin’s developer

PCWorld reports that a malicious Chrome extension called ‘NexShield Smart Ad Blocker’ impersonated uBlock Origin’s developer Raymond Hill to distribute the dangerous ModeloRAT trojan. The fake ad ...
PC Magazine

From Firefox Malware to Stolen Pornhub Data: This Week's Security News Is Not Sexy

A wave of recent breaches and malware discoveries shows how easily trusted software and private data can be exploited. I've been writing and editing stories for almost two decades that help people use ...
Computer Weekly

What is driving the rise of infostealer malware?

Cyber criminals would much rather log in than hack in. That’s why infostealer malware, designed to exfiltrate user credentials, browser data, messages, documents, images, and device information, is ...
SiliconANGLE

‘PyStoreRAT’ malware uses fake developer tools on GitHub to infect Windows systems

A new report out today from endpoint security firm Morphisec Inc. details a previously undocumented malware family dubbed “PyStoreRAT” that abuses trusted open-source platforms and Windows scripting ...
CSOonline

Polymorphic AI malware exists — but it’s not what you think

We are either at the dawn of AI-driven malware that rewrites itself on the fly, or we are seeing vendors and threat actors exaggerate its capabilities. Recent Google and MIT Sloan reports reignited ...
Dark Reading

How Malware Authors Are Incorporating LLMs to Evade Detection

Threat actors are testing malware that incorporates large language models (LLMs) to create malware that can evade detection by security tools. In an analysis published earlier this month, Google's ...
Bleeping Computer

Google exposes BadAudio malware used in APT24 espionage campaigns

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. Since 2022, ...