Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.
Cloud Security Alliance

Evaluating PyRIT for Agentic AI Red Teaming

Evaluate the effectiveness of Microsoft’s Python Risk Identification Toolkit (PyRIT) for agentic AI red teaming. Address evolving autonomous AI system threats.
pentestpartners.com

ClickFix, CrashFix and the growing family of copy and paste attacks

At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t look like that is going to change anytime soon. We’re now into June and the ‘fix’ attacks have ...
Infosecurity-magazine.com

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.
Bitdefender

LummaStealer Is Getting a Second Life Alongside CastleLoader

Bitdefender researchers have discovered a surge in LummaStealer activity, showing how one of the world's most prolific information-stealing malware operations managed to survive despite being almost ...
Bleeping Computer

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware. LummaStealer, also known as LummaC2, ...
InfoQ

Agentic Terminal - How Your Terminal Comes Alive with CLI Agents

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Spencer Judge discusses the architectural ...
The Hacker News

âš¡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to ...
Windows Report

Error Loading Python DLL: Resolved in 4 Easy Steps

For fixing Windows errors, we recommend Fortect: Fortect will identify and deploy the correct fix for your Windows errors. Follow the 3 easy steps to get rid of ...
LinkedIn

Python for testing drive space.

Here is a practical and robust Python script to verify the actual size of a disk by writing and reading data across the volume. This is useful for validating suspicious or counterfeit drives that ...
WeLiveSecurity

DeceptiveDevelopment targets freelance developers

Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. After all, what better time to strike than when the potential ...