PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
The Hacker News

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to ...

You Might Have Fallen For This CAPTCHA Scam Without Realizing — Here's What To Do Now

Security experts reveal how easy it is to get fooled by this scam and what to do if you think you've been targeted.
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

Update Linux Now As 9-Year-Old Root Hack Confirmed, CISA Warns Users

The Cybersecurity and Infrastructure Security Agency has warned users to update their Linux systems following the discovery ...

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...
The Hacker News

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

LofyGang resurfaces with LofyStealer disguised as Minecraft hack, exfiltrating IBANs and passwords to 24.152.36[.]241, ...
The Financial Express

When AI stopped answering and started acting: OpenClaw’s creator Peter Steinberger describes his big moment

Steinberger recently participated in a TED Talk session, describing his brief but transformative experience of how he made ...
Tom's Hardware on MSN

Decades-old pre-Stuxnet cyber sabotage tool breaks cover, NSA listed it as 'nothing to see here'

Fast16 appears to be at least half a decade older than Stuxnet.

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
HealthcareInfoSecurity

Attacks Surge Against Vulnerable cPanel and WHM Software

Tens of thousands of online dashboards controlling servers and web hosting accounts appear to have been compromised by ...
OSTechNix

How to Fix Copy Fail (CVE-2026-31431) Vulnerability on Ubuntu and Linux Mint

Learn how to fix Copy Fail (CVE-2026-31431) in Ubuntu and Linux Mint. Copy Fail vulnerability allows any local user gain root ...