SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Bleeping Computer

Hacker targets other hackers and gamers with backdoored GitHub code

A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Forbes

AI Hacks AI: Cybercriminals Unleash An AI-Powered, Self-Replicating Botnet

Hackers use AI to generate attack code targeting AI infrastructure, and then getting compromised AI systems to find others to attack, researchers warn in a new report. Hackers have started using large ...
CIO Dive

Even primitive AI-coded malware helps hackers move faster, thwart attribution

IBM researchers discovered an autonomously coded backdoor that they called unsophisticated but nonetheless ominous.