SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Claude just got a scam detector, and it could save you from a costly mistake

Malwarebytes is now integrated with Claude. Paste a suspicious link, phone number, or email address, and get an instant ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Decrypt

AI Agent Deletes Startup’s Database in 9 Seconds, Founder Says

PocketOS founder Jeremy Crane claims a Cursor agent running Claude Opus wiped production data and backups through a single ...
PCMag

Is Incognito Enough? 6 Ways to Protect Your Privacy When Watching Porn Online

No, taping over your webcam isn't going to cut it. From VPNs to tracker blockers, here's how to stay safe online while ...

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Finding hijacked subdomains is straightforward. People need only enter site: [university].edu “xxx” or site: [university].edu ...
PhoneWorld

Hackers Impersonate Microsoft Teams to Gain Full Enterprise Access Without Exploits

Hackers leveraging Microsoft Teams, custom malware, and trusted cloud infrastructure to gain deep access into enterprise ...