APT37 hackers use new malware to breach air-gapped networks

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.
The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
New York Magazine

The AI-Powered Hacking Spree Is Here

A hacker exploited Anthropic PBC’s artificial intelligence chatbot to carry out a series of attacks against Mexican ...

Linux explores new way of authenticating developers and their code - here's how it works

Linux kernel maintainers propose a less painful process for identifying developers. See how it can make Linux code safer than ever.
SecurityWeek

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...

Russian hacker uses multiple AI tools to break hundreds of firewalls

A Russian hacker was recently seen brute-forcing their way into hundreds of firewalls - but what makes this campaign really stand out is the fact that the seemingly low-skilled threat actor was able ...

AI helps novice threat actor compromise FortiGate devices in dozens of countries

Generative AI tools analyzed target networks and wrote exploit code, enabling an opportunistic attacker to have an outsized ...
Computing

AI-powered hacker breaches 600 FortiGate firewalls, Amazon warns

An AI-assisted hacker campaign breached over 600 FortiGate firewalls worldwide by exploiting weak credentials and public interfaces in a chilling demonstration of how generative AI ...
GitHub

A simple, safe magic login link generator for Laravel

This package provides a temporary signed route that logs in a user. What it does not provide is a way of actually sending the link to the route to the user. This is because I don't want to make any ...