The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

I used AI to fix my biggest Windows 11 annoyances in minutes

You can now take advantage of this classic Windows scripting tool even if you have zero programming experience.
CSO Online

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
InfoWorld

Why it’s so hard to create stand-alone Python apps

Ever wonder why packaging a Python app and its dependencies as a single executable is such a pain? Blame it on the dynamism ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...
Visual Studio Magazine

VS Code v1.110 Insiders: AI Agents Gain Native Browser Access and Global Instructions

Native browser integration in chat is designed to make web debugging tasks (DOM interaction, screenshots, console logs) available directly to AI agents. Agent workflows are expanding with ...
CSOonline

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools. In a recent incident, attackers abused a legitimate but vulnerable Windows ...
Dark Reading

EnCase Driver Weaponized as EDR Killers Persist

Threat actors are using a forensic tool's Windows kernel driver to kill security products, despite the fact the driver's digital certificate was revoked more than a decade ago. In a blog post ...