The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Python infostealers are spreading from Windows to macOS via Google Ads, ClickFix lures, and fake installers to steal credentials and financial data.
GitHub

hackpanda/MS17-010-Python

Worawit Wang released a collection of Python exploits for MS17-010. These tools worked far more reliably than the Metasploit modules but didn't have much of a payload besides writing a pwned.txt to ...
Hosted on MSN

Hacking little brother’s Twitch stream leads to wild prank

Adam B hacks his little brother’s Twitch stream and pulls off a wild prank. Alex Pretti spotted on camera moments before fatal shooting in Minneapolis Enormous freshwater reservoir discovered off the ...
Ars Technica

Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack

Pairing Bluetooth devices can be a pain, but Google Fast Pair makes it almost seamless. Unfortunately, it may also leave your headphones vulnerable to remote hacking. A team of security researchers ...
The Conversation

NZ’s health data hack needs a proper diagnosis – and a transparent treatment plan

Research Fellow, Faculty of Education, Health, and Psychological Sciences, Te Herenga Waka — Victoria University of Wellington; Flinders University; The University of Melbourne I previously worked for ...