The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
GitHub

Deterministic reward hacking detector for LLM-generated Python code.

When LLMs autonomously generate and test code, they cheat. They hardcode expected outputs, replace algorithms with lookup tables, or manipulate test environments — and pass every test while solving ...
The Daily Pennsylvanian

Cybercrime group crashes Penn’s Canvas system, demands ransom to prevent data release

This story is developing and will continue to be updated. Students were unable to access Canvas on Thursday afternoon after cybercrime group ShinyHunters shut down Penn’s access to the interface. The ...
Government Technology

A History of Global Hacking — and Where It’s Going Next

In the midst of recent battles with Iran and their global partners, U.S. public- and private-sector organizations are also battling to secure critical infrastructure in a time of war. Federal agencies ...
The Washington Post

Students are speeding through their online degrees in weeks, alarming educators

It takes most college students at least four years to earn a bachelor’s degree. Christie Williams finished in three months. The North Carolina human resources executive spent two months racking up ...
Wired

Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think

Anthropic said this week that the debut of its new Claude Mythos Preview model marks a critical juncture in the evolution of cybersecurity, representing an unprecedented existential threat to existing ...
PC Magazine

Still on Windows 10? Do This Now to Protect Your PC

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
Fast Company

Teenage hackers are on the rise, and they’re more dangerous than you think

Below, Joe Tidy shares five key insights from his new book, Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet. Tidy is the BBC’s first cyber correspondent and a leading voice on cybercrime.