The Hacker News

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

DPRK used ClickFix to deliver compiled BeaverTail to crypto marketers; Windows build used password-protected archives, ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...

PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...

Verified Steam game steals streamer's cancer treatment donations

A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named ...
Infosecurity Magazine

ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

The ShadowV2 DDoS operation, discovered by Darktrace, uses a command-and-control framework hosted on GitHub CodeSpaces, a ...