SecurityWeek

AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks

Akamai’s 2026 State of the Internet report shows a surge in Layer 7 DDoS and API attacks, with attacakers combining AI, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
Michigan Technological University

Python for Modern GIS and Remote Sensing

Add Python to Your Modern GIS Toolkit. Python, that high-level, interpreted programming language known for its simplicity, readability, versatility, and library support, is changing the face of ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

FBI seeks victims of Steam games used to spread malware

The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing ...

Law enforcement shuts down botnet made of tens of thousands of hacked routers

An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute ...

“Use a gun” or “beat the crap out of him”: AI chatbot urged violence, study finds

An advocacy group said its study of 10 artificial intelligence chatbots found that most of them gave at least some help to ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since ...
The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax ...

'Use a gun': AI chatbots help people plan violence, report says

Eight out of 10 popular artificial intelligence chatbots helped researchers posing as teen boys plan violent crimes in over ...