The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
GitHub

Source Code

Extracted material — not authored by this repository's maintainer. These files were provided by the Kimi agent in response to plain-English questions about its own environment. They are released under ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...
CSO Online

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
CNET

Best Smart Plugs for 2026: An Upgrade for Any Home

Tyler has worked on, lived with and tested all types of smart home and security technology for over a dozen years, explaining the latest features, privacy tricks, and top recommendations. With degrees ...
GitHub

Python connectivity for Itasca software.

This library implements a connection via sockets between Python and the numerical modeling software from Itasca Consulting Group. Functions are provided to read and write files in the Itasca FISH ...