The FBI confirmed Russian hackers are inside thousands of home routers

It’s not theoretical. The DOJ went to court over it. Your router may be redirecting you to fake bank login pages. Here’s what ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
OSTechNix

Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems

Copy Fail (CVE-2026-31431) is a severe logic flaw in the Linux kernel affecting every distribution since 2017. Patch your ...

New Linux ‘Copy Fail’ flaw gives hackers root on major distros

An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
CoinDesk

Wasabi Protocol drained of $4.5 million in apparent admin key compromise

The exploit used a playbook similar to Drift's $285 million breach earlier this month: a compromised deployer key with no ...

OpenAI Codex system prompt includes explicit directive to “never talk about goblins”

The system prompt for OpenAI’s Codex CLI contains a perplexing and repeated warning for the most recent GPT model to “never ...
SecurityWeek

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

The China-linked APT GopherWhisper has been using legitimate services and various Go-based backdoors in attacks.
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...
bankinfosecurity

Freight Hacker Wields Code-Signing Service to Evade Defenses

Many attacks that target the sector attempt to trick victims into installing malware that deploys remote management and monitoring tools, which attackers use to remotely control a victim's system and ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, backdoors, and ad injection.