The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...
The Hacker News

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

MalTerminal, created before Nov 2023, shows earliest LLM-embedded malware, signaling new AI-driven cyber threats.
Crypto News

CZ Warns of Advanced North Korean Hackers Posing as Job Candidates to Infiltrate Crypto Companies

Binance founder CZ Zhao issued urgent warnings about North Korean hackers infiltrating crypto companies through fake job ...

Companies Are Competing for Employees With AI Skills. So Are Hackers.

AI expertise, English language proficiency and cloud skills are among the most desired traits for ransomware gangs seeking help.

A mysterious Chinese AI pentesting tool has appeared online, with over 10,000 downloads so far

Widely adopted it is. The tool is freely available on PyPI, the world’s biggest Python Package Index, and it has been ...
Hackaday

Further Adventures In Colorimeter Hacking

One of the great things about sharing hacks is that sometimes one person’s work inspires someone else to take it even further ...
CSO Online

CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

Developers joke about “coding like cavemen” as AI service suffers major outage

The speed at which news of the outage spread shows how deeply embedded AI coding assistants have already become in modern ...

Panda-monium: China-backed cyber crew spoof Congressman to dig for dirt on US trade talks

Proofpoint said this week that it had spotted a Chinese state-backed crew TA415 – also known as APT41, Wicked Panda or Brass ...

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

In a report published today and shared with The Register, the AI security company's Regalado and fellow researcher Amanda ...
Security Boulevard

Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns

Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company Cyberspike, has been loaded almost 11,000 times on PyPI in two months, ...