Infosecurity Magazine

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Forbes

AI Hacks AI: Cybercriminals Unleash An AI-Powered, Self-Replicating Botnet

Hackers use AI to generate attack code targeting AI infrastructure, and then getting compromised AI systems to find others to attack, researchers warn in a new report. Hackers have started using large ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.
Bleeping Computer

Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws

Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws. This activity is reported by CheckPoint ...
Bleeping Computer

North Korean hackers use EtherHiding to hide malware on the blockchain

North Korean hackers have adopted the 'EtherHiding' technique that leverages smart contracts to host and deliver malware in social engineering campaigns that steal cryptocurrency. Google Threat ...
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
Redmond Magazine

Hackers Use AI to Bypass Passwords in Large Scale Phishing Attack

Instead of stealing passwords, attackers trick users into granting access themselves — using real login systems and AI-driven deception. Why does it matter? This marks a shift from stealing passwords ...