The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...
The Hacker News

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

Big firms like Microsoft, Salesforce, and Google had to react fast — stopping DDoS attacks, blocking bad links, and fixing ...

Malicious LLMs empower inexperienced hackers with advanced tools

Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious ...

Enterprise password security and secrets management with Passwork 7

Passwork 7 unifies enterprise password and secrets management in a self-hosted platform. Organizations can automate ...
Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...
InfoQ

Aspire 13 Delivers Multi-Language Support and Significant Enhancements Across the Platform

Aspire 13 has been released as a major milestone in the platform's evolution. As reported by the team, Aspire is no longer ...

Shai-Hulud 2: New version of NPM worm also attacks low-code platforms

The attackers have learned from their mistakes and have now developed a more aggressive version of the worm. It has already ...