The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...
GitHub

lenucksi/aur-malware-check

Detection and analysis tools for the atomic-lockfile supply-chain attack on the Arch User Repository (AUR). This is a collection of all the scattered resources, especially the ones in the detection ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...
Mashable

AI is fueling Reddit's spam problem

UPDATE: Jun. 4, 2026, 3:38 p.m. EDT — This article has been updated with a statement from Reddit. In recent years, brands and spammers alike have been using Reddit to manipulate AI chatbots by ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
IEEE

A Systematic Review on Detection, Repair, and Explanation of Vulnerabilities in Source Code Using Large Language Models

Abstract: Software vulnerabilities pose critical risks to the security and reliability of modern systems, requiring effective detection, repair, and explanation techniques. Large Language Models (LLMs ...
Kotaku

PlayStation 3 Emulator Devs Politely Ask That People Stop Flooding It With AI Code Pull Requests

The team behind RPCS3 suggests that vibe-coders "learn how to debug and code" instead of "generating slop that you don't understand" AI Ai slop Emulation PlayStation The team behind RPCS3, the ...
InfoWorld

The best new features in Python 3.15

Highlights of Python 3.15, now available in beta, include lazy imports, faster JITs, better error messages, and smarter profiling. The first full beta of Python 3.15 ...
Bleeping Computer

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 ...
Women's Wear Daily

Californians Hit Temu with Class Action Over Alleged ‘Spam Abuse’

Chinese e-commerce giant Temu is facing a California class action accusing the online marketplace of using deceptive email tactics—on par with “modern spam abuse,” per the filing—to push shoppers into ...