The Hacker News4h
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Researchers found Disgrasya downloaded 37,217 times, targeting WooCommerce with carding scripts that steal payment data.
The Hacker News1d
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and ...
The Hacker News1d
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Late last month, SEQRITE Labs revealed that academic, governmental, aerospace, and defense-related networks in Russia are ...
The Hacker News1d
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake ...
The Hacker News1d
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
The Hacker News1d
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.
The Hacker News1d
Have We Reached a Distroless Tipping Point?
Chainguard OS cuts container vulnerabilities by 94% by continuously updating upstream packages, enhancing security and ...
The Hacker News1d
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal ...
The Hacker News2d
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
In our upcoming webinar, " AI Uncovered: Re-Shaping Security Strategies for Resilience in the Era of AI ," you'll hear from ...
The Hacker News2d
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
Triada malware infected 2,600+ Android devices via counterfeit phones in March 2025, enabling remote access and crypto theft.
The Hacker News2d
Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation
According to Europol, Kidflix launched in 2021 and amassed a catalog of 91,000 unique videos over time. Roughly 3.5 new ...
The Hacker News2d
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
Google Cloud Run is a fully managed service for executing containerized applications in a scalable, serverless environment.