The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

WordPress malware campaign hides payloads in Steam profiles

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
GitHub

ftp-client

Cross-platform internet upload/download manager for HTTP(S), FTP(S), SSH, magnet-link, BitTorrent, m3u8, ed2k, and online videos. WebDAV client, FTP client, SSH client. WinSCP is a popular free file ...
Computerworld

Industry

EU's cloud sovereignty push leaves room for US hyperscalers The Cloud and AI Development Act signals a regulatory direction for the EU as it aims to reduce dependency on US cloud providers. But Europe ...
GitHub

Open Journal Systems

This project is tested with BrowserStack. The following list of platform requirements was generated by the Composer check-platform-reqs tool. The version numbers ...
sei.cmu

CERT Division

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...