SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
VnExpress International on MSN

How a self-taught Vietnamese high schooler built the malware that infected 94,000 computers worldwide

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks

Leaked hacking tools threaten the security of millions of older iPhones. Cybersecurity experts weigh in.

Claude Code can now take over your computer to complete tasks

Anthropic also warns that, when computer use is activated, Claude will be able to see anything visible on-screen, including ...
PCMag

Malware Is Sleeping on the Blockchain, and It's Already Infected Dozens of Global Targets

Experts warn the campaign could outpace past global cyberattacks, with hundreds of thousands of credentials already ...

Pro-Iranian group claims credit for hack of FBI Director Kash Patel’s personal account

A pro-Iranian hacking group is claiming to have hacked an account of FBI Director Kash Patel and has posted online what ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...