The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Dark Reading

Chinese APTs Hacking Asian Orgs With High-End Malware

Advanced persistent threat (APT) groups have deployed new tools against a variety of targets, highlighting the increasing ...

Infostealers added Clawdbot to their target lists before most security teams knew it was running

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
Computer Weekly

RAMP ransomware forum goes dark in probable FBI sting

It is not unheard of for cyber criminals to fake takedowns, often amid juvenile theatrics, to start over with a “clean” slate, but initial reports appear to verify the authenticity of the takedown, ...
PCMag on MSN

OpenClaw (Moltbot? Clawdbot?) Is the Hot New AI Agent, But Is It Safe to Use?

Now on its third name, this agent can take actions without you having to prompt it and make those decisions by accessing ...