Iran-linked hackers disrupt operations at US critical infrastructure sites

Hackers working on behalf of Iran’s Islamic Revolutionary Guard Corps have attacked US industrial sites before. In 2023, a ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Thousands of consumer routers hacked by Russia’s military

The Russian military is once again hacking home and small office routers in widespread operations that send unwitting users ...

A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data

A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile ...

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

The AI lab's Project Glasswing will bring together Apple, Google, and more than 45 other organizations. They'll use the new ...
The Tech Edvocate

$285 Million Drift Hack: Unpacking North Korea’s Six-Month Social Engineering Campaign

Spread the loveIntroduction In a shocking revelation, Drift, a decentralized exchange operating on the Solana blockchain, disclosed that it fell victim to a staggering $285 million theft on April 1, ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Security Boulevard

AI Infrastructure LiteLLM Supply Chain Poisoning Alert

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
TechCrunch

Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools

A group of hackers suspected of working at least in part for the Russian government targeted iPhone users in Ukraine with a new set of hacking tools designed to steal their personal data, as well as ...

Alibaba's AI Agent Mined Crypto Without Permission. Now What?

Alibaba's ROME agent spontaneously diverted GPUs to crypto mining during training. The incident falls into a gap between AI, ...