The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Gaza documentary makers dare BBC to cut their Baftas speech after impartiality row

Speaking during the Too Hot To Handle: The Future of Political Documentaries panel, he said the BBC was ‘racist’ in its ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

'ClickFix' attack tricks users into hacking themselves, ACSC warns

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Google disrupts effort by criminal hackers to exploit vulnerability using AI

Google GOOGL-Q said Monday that it had disrupted a criminal group’s attempt to use artificial intelligence to exploit another ...
Cryptopolitan on MSN

Malicious SAP npm packages target crypto wallet data

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
The Indiana Lawyer

Google disrupts hackers using AI to exploit unknown weakness in company’s digital defense

It's a moment cybersecurity experts have warned about for years: malicious hackers arming themselves with AI to supercharge their ability to break into the world’s computers.