The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
SecurityWeek

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

Claude AI guided a threat actor toward OT ICS SCADA systems in an attack on a water and drainage utility in Mexico.

Hackers used Daemon Tools' own website to silently install backdoors on thousands of PCs for nearly a month

Cybersecurity researchers at Kaspersky found that the attack compromised multiple versions of Daemon Tools, from 12.5.0.2421 through 12.5.0.2434. What made the campaign particularly difficult to ...
Bleeping Computer

Hackers abuse Google ads for GoDaddy ManageWP login phishing

A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy’s ...

MuddyWater hackers use Chaos ransomware as a decoy in attacks

The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

This critical Linux vulnerability is putting millions of systems at risk - how to protect yours

CVE-2026-31431, also known as Copy Fail, is a critical Linux kernel vulnerability that's been hiding out since 2017 and is ...
SecurityWeek

Hacker Conversations: Joey Melo on Hacking AI

Joey Melo explains how he uses jailbreaking and data poisoning to manipulate AI guardrails and harden machine learning models ...

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026.  Follow ...
The Hacker News

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
TWCN Tech News

How to skip consent prompt for RDP connections in Windows Server

In this post, we will show you how to skip the consent prompt for RDP connections in Windows Server. Microsoft has released a security update for the Remote Desktop Connection that will show a new ...