News

The Hacker News55m

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

Noodlophile stealer targets enterprises via copyright phishing since 2024, using Gmail, Dropbox, and Telegram for evasion.
The Hacker News4h

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

PipeMagic is a plugin-based modular malware that uses a domain hosted on the Microsoft Azure cloud provider to stage the ...
The Hacker News9h

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.
The Hacker News14h

How to Defend Against Root-of-Trust Attacks: Lessons from Secret Blizzard

Russian group Secret Blizzard bypassed MFA in 2025 embassy attacks via TLS root compromise, exposing MFA limits.
The Hacker News15h

AI's Hidden Security Debt

The tools designed to accelerate innovation are degrading application security by embedding subtle yet serious vulnerabilities in software. Nearly half of the code snippets generated by five AI models ...