CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Queerty

Figging, bottom fever & hardness: this urologist has some very gay expertise to share

The urologist and sexual health expert is putting his skills to good use on TikTok, and this is exactly the season we need ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Security News This Week: Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite ...

Shaw Festival review: Funny Girl delivers the laughs to fill a post-Hacks void

Though it’s true that Holmes’s Funny Girl could be more biting in its unpacking of Brice’s life and legacy, the Shaw Festival ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
Hackaday

If You Want To Hack Me, Come In Through The Speaker

Some security hacks require someone to have physical access to your computer. In many cases, that’s easy to mitigate. Other ...

Webcam-hacking Minecraft malware is disguising itself as mods, and it's infected thousands of PCs

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...
The Hacker News

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...

Ableton is letting musicians build browser-style extensions for Live

The company provides a handful of example extensions that include the ability to bulk rename tracks, sketch out song ...