The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
Tom's Guide

11 Home Depot Promo Codes in May 2026 | 10% OFF

Use one of our 11 Home Depot promo codes to save money on everything from large kitchen appliances to outdoor furniture. All coupon content is created by Tom’s Guide. We may earn a commission if you ...

Online archives of over 20 years of tech reporting | The Register

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...