The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...

Malicious LLMs empower inexperienced hackers with advanced tools

Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious ...
The Hacker News

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

Big firms like Microsoft, Salesforce, and Google had to react fast — stopping DDoS attacks, blocking bad links, and fixing ...
CSO Online

RomCom tries dropping a not-so-romantic payload on Ukraine-linked US firms

The new RomCom campaign uses SocGholish fake update lures to deliver its Mythic Agent tool against US firms doing business ...

Enterprise password security and secrets management with Passwork 7

Passwork 7 unifies enterprise password and secrets management in a self-hosted platform. Organizations can automate ...
Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...

Shai-Hulud 2: New version of NPM worm also attacks low-code platforms

The attackers have learned from their mistakes and have now developed a more aggressive version of the worm. It has already ...