The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.
Arabian Post

InvisibleFerret shift raises developer risks

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And More Linux Vulnerabilities

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...
Biometric Update

1Password, Keycard present tools for secure AI agent credential delegation

Most teams are still securing access with static credentials built for human operators, not for autonomous agents. This ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
Hosted on MSN

Google blocks first AI-made zero-day exploit before mass attack

First AI zero-day: Google identified and blocked an AI-generated zero-day exploit aimed at bypassing two-factor authentication in a widely used open-source admin tool. How it was found: Analysis ...

Google Reports a First: Hackers Used AI to Identify Security Flaw

It's the first known time that a threat actor developed a zero-day exploit using AI. Is it just the start? Here's what we ...
techannouncer

Mastering Python: Practical Code Examples for Every Skill Level

Learning Python can feel like a big task, especially when you’re just starting out. But honestly, the best way to get a handle on it is to just start writing code. We’ve put together some practical ...