The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...
CNX Software

Privacy-focused, open-source Raspberry Pi Zero 2W DIY security camera offers end-to-end encryption, on-device AI

Secluso is a private, open-source, DIY home security camera system built around the Raspberry Pi Zero 2 W, featuring true end-to-end encryption (E2EE) and ...
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Massive regional C2 footprint More than 1.3K C2 Servers Discovered in the Middle East Hunt.io said it identified more than ...
WLRN

New documentary film takes audiences up close into the world of Burmese python hunting

The new film 'The Python Hunt' follows the Florida Python Challenge, a 10-day competition in the Florida Everglades that aims ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...