The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

AMOS infostealer targets macOS through a popular AI app

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the ...

Microsoft warns infostealer malware is 'rapidly expanding beyond traditional Windows-focused campaigns' and targeting Mac devices

Hackers are increasingly targeting macOS users with social engineering and infostealers, Microsoft warns.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been published in less than a week on the tool's official registry and on GitHub.
ZDNet

1Password's new anti-phishing feature targets your most inescapable vulnerability - here's how

Accelerate your tech game Paid Content How the New Space Race Will Drive Innovation How the metaverse will change the future of work and society Managing the ...
AppleInsider

Infostealer malware database exposes millions of iCloud and email passwords

A publicly accessible database containing more than 149 million usernames and passwords was discovered, and before it was taken offline, it included logins from 900,000 iCloud users. The database ...
GitHub

A secure, session-based web sandbox for executing Python code. This application provides each user with a dedicated, isolated Docker container that persists for their browser ...

Each user session is assigned a dedicated Docker container that runs until the browser tab is closed. If your code imports a package that is not available, the sandbox automatically installs it from ...
TechRepublic

Data Leak Exposes 149M Logins, Including Gmail, Facebook

Jeremiah Fowler, a veteran security researcher, recently stumbled upon 149,404,754 unique logins and passwords, totaling about 96GB of raw data. There was no encryption… and it didn’t even have a ...