Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...

Once-hobbled Lumma Stealer is back with lures that are hard to resist

“LummaStealer is back at scale, despite a major 2025 law-enforcement takedown that disrupted thousands of its command-and-control domains,” researchers from security firm Bitdefender wrote. “The ...
eWeek

Axiom.AI Just Solved a Math Problem No Human Could Crack

AxiomProver solved a real open math conjecture using formal verification, signaling a shift from AI that assists research to AI that discovers new truths.
IEEE

Bayesian Neural Networks via MCMC: A Python-Based Tutorial

Abstract: Bayesian inference provides a methodology for parameter estimation and uncertainty quantification in machine learning and deep learning methods. Variational inference and Markov Chain ...
eWeek

Waymo’s Driverless Taxis Could Hit London Streets Later This Year

Waymo plans a London robotaxi pilot in April and hopes to open rides to paying passengers as soon as September, pending UK regulatory approval.
Ars Technica

Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack

Pairing Bluetooth devices can be a pain, but Google Fast Pair makes it almost seamless. Unfortunately, it may also leave your headphones vulnerable to remote hacking. A team of security researchers ...