SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public disclosure.

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
MarketWatch

Stay Connected for the FIFA World Cup 2026(TM) with Visible's New eSim Travel Pass

The FIFA World Cup(TM) is coming to the U.S., and while teams fight for the trophy, international fans shouldn't have to fight for a signal. As an official connectivity sponsor of FIFA World Cup ...
El Diario NY

Stay Connected for the FIFA World Cup 2026™ with Visible’s New eSim Travel Pass

NEW YORK–(BUSINESS WIRE)–The FIFA World Cup™ is coming to the U.S., and while teams fight for the trophy, international fans shouldn’t have to fight for a signal. As an official connectivity sponsor ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
GitHub

api_test_results_20250607_123111.json

WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video. - lulanghero/wifi-densepose ...