The Hacker News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.
Microsoft

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.
Microsoft

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...