The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Dark Reading

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
CNX Software

PycoClaw – A MicroPython-based OpenClaw implementation for ESP32 and other microcontrollers

PycoClaw is a MicroPython-based platform for running AI agents on ESP32 and other microcontrollers that brings OpenClaw ...
SecurityWeek

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is relying on SEO poisoning to distribute fake VPN clients that install trojans and steal users’ credentials.