Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
The Hacker News

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.
Tom's Guide

Thousands of TP-Link routers have been infected by a botnet to spread malware

For the fastest way to join Tom's Guide Club enter your email below. We'll send you a confirmation and sign you up to our newsletter to keep you updated on all the latest news. By submitting your ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
The Register on MSN

AI agent seemingly tries to shame open source developer for rejected pull request

Belligerent bot bullies maintainer in blog post to get its way Today, it's back talk. Tomorrow, could it be the world? On ...
Security Boulevard

Agentic AI Security Starter Kit: Where Autonomous Systems Fail and How to Defend Against It

Many teams are approaching agentic AI with a mixture of interest and unease. Senior leaders see clear potential for efficiency and scale. Builders see an opportunity to remove friction from repetitive ...
Krebs on Security

Who Operates the Badbox 2.0 Botnet?

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2 ...
Krebs on Security

Kimwolf Botnet Lurking in Corporate, Govt. Networks

A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to ...
SecurityWeek

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

The botnet’s propagation is fueled by the AI-generated server deployments that use weak credentials, and legacy web stacks. An evolved GoBruteforcer botnet variant has been targeting cryptocurrency ...
Fox News

Why your Android TV box may secretly be a part of a botnet

Android TV streaming boxes that promise "everything for one price" are everywhere right now. You'll see them on big retail sites, in influencer videos, and even recommended by friends who swear ...
PC Magazine

5 Cybersecurity Disasters You Missed This Week: Airport Wi-Fi Hacks, Botnets, Spyware Extensions, and More

From record-breaking DDoS attacks to millions infected by malicious extensions, this week delivered some of the most alarming cyber incidents of the year. I've been writing and editing stories for ...