The Hacker News

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
latesthackingnews.com

Reverse Shell Explained: Setup, Attack Chain, and Detection

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...
MSN on MSN

6 projects I’ve already built with my $15 Raspberry Pi Zero 2W

For such an inexpensive, tiny little SBC, it certainly gives me a lot of fun and assistance in a number of projects ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
The Hacker News

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

ESET found two Windows SprySOCKS variants with 30+ commands, C2 over TCP, UDP, and WebSocket, and government targets in 4 ...
AllAfrica.com

Nigeria: Oyetola, Others to Discuss Green Ports, Dockworkers' Welfare At 2026 Scan Day

The Minister of Marine and Blue Economy, Adegboyega Oyetola, immediate past President-General of the Maritime Workers Union of Nigeria(MWUN), Adewale Adeyanju, and President of the Nigerian Chamber of ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Euronews

Hackers are using AI to find security flaws no scanner can catch, Google warns

For the first time, hackers have used artificial intelligence to find and exploit a security flaw that no automated scanner would have caught – and Google says only its own active monitoring stopped a ...