The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
Hackaday

Building An IBM PCjr BIOS From Source Using Original Printed Source Code

As unloved as IBM’s PCjr was, with only a one-year production run, it’s hard to complain about the documentation available ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...

What’s a coding course for in the age of AI? Maybe not learning to write it

Intro to Programming courses at NC State still have a no-AI policy. Heckman and Roberts are committed to that, unlike Jordan.
Unite.AI

Anthropic Wires Claude Into Photoshop, Blender, and Ableton

Anthropic released nine new Claude connectors on April 28, plugging the assistant directly into the software professional creatives already use — Adobe Creative Cloud, Blender, Ableton Live, Autodesk ...

The things we’re building

“I built Newslog. It bundles your newsletters, RSS feeds, and articles into a single daily digest with an index and summaries ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...