New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
CNET

Russia's Military Hackers Targeted Home Routers Across 23 States. Here's What to Do

Federal agencies disrupted the attack but were direct about what comes next. These five router security steps are the responsibility of individual owners. Joe Supan is a senior writer for CNET ...