New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
SecurityWeek

OpenAI Rolling Out ChatGPT Account Security Controls

OpenAI is making two ChatGPT security controls more widely available, giving users additional tools to protect their accounts ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

Worrying open-source security issue 'BadHost' could affect millions of AI agents

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.
Crowdfund Insider

DeFi Security Breach : Module Linked to Gnosis Safe Wallets Exploited, Resulting in $3.2 Million Loss

A vulnerability in an external module associated with Gnosis Safe (rebranded as Safe) multi-signature wallets enabled an ...
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Massive regional C2 footprint More than 1.3K C2 Servers Discovered in the Middle East Hunt.io said it identified more than ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Forbes

5 Benefits And Risks Of Using AI For Cybersecurity

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. AI Artificial Intelligence Security Sentinel Password Cyber Security Ransomware Email ...
CNX Software

Privacy-focused, open-source Raspberry Pi Zero 2W DIY security camera offers end-to-end encryption, on-device AI

Secluso is a private, open-source, DIY home security camera system built around the Raspberry Pi Zero 2 W, featuring true end-to-end encryption (E2EE) and ...
The Daily Telegraph

Tech boss sacks HR team for ‘creating problems that didn’t exist’

Founder of US fintech firm Bolt was reinstated as chief executive last year As the Markets Editor at The Telegraph, Chris Price covers news from global financial markets and how they are affected by ...