The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
IEEE

Python Source Code Vulnerability Detection Based on CodeBERT Language Model

Abstract: Programming language source code vulnerability mining is crucial to improving the security of software systems, but current research is mostly focused on the C language field, with little ...
GitHub

Octopus Deploy Official MCP Server

Octopus makes it easy to deliver software to Kubernetes, multi-cloud, on-prem infrastructure, and anywhere else. Automate the release, deployment, and operations of your software and AI workloads with ...
Infosecurity-magazine.com

VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

A Linux-based command-and-control (C2) framework capable of long-term intrusion across cloud and enterprise environments has been further analyzed in new research. Known as VoidLink, the malware ...
GitHub

Auto Portable Python Deployer

A self-bootstrapping tool that generates fully portable, zero-install Python deployment packages for Windows. No system Python required. No admin rights. No PATH ...
CPO Magazine

Over 800,000 Internet-Exposed Telnet Servers Affected by Decade-old Critical Security Vulnerability

Hackers are exploiting a decade-old, critical security vulnerability affecting hundreds of thousands of internet-exposed Telnet servers. CVE-2026-24061 is a critical (CVSS V3 9.8) authentication ...
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Despite more than a month after ...