The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

New Linux ‘Copy Fail’ flaw gives hackers root on major distros

An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels ...

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...
SecurityWeek

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover

Copy Fail, a logic bug in the Linux kernel, allows users to write 4-byte code into other files’ page cache and achieve root ...
Cryptopolitan on MSN

Crypto devs face new threat from Claude-based malware

A threat group planted a malicious npm package in a crypto trading project through an AI-generated commit by Anthropic's Claude.
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

Anthropic's new Claude Security tool scans your codebase for flaws - and helps you decide what to fix first

It uses Opus 4.7 to scan, validate, and generate patches, helping fix dangerous flaws before they can be exploited.