Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Decrypt

Polkadot-Ethereum Bridge Hack Losses Were 10x Worse Than Reported, Team Admits

Polkadot bridge protocol Hyperbridge said losses from this week's hack were 10x worse than originally reported, tallying ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.

Microsoft supercharges Visual Studio Code 1.116 with native AI and deep agent debugging

Stop hunting for extensions. Visual Studio Code 1.116 is here, baking GitHub Copilot directly into the core and giving you ...

Apple Tap-to-Pay Vulnerability Demonstrated on Video as YouTuber Steals $10,000 From a Locked iPhone

A YouTube channel collaborated with two cybersecurity experts to explain how Apple’s Tap-to-Pay vulnerability from 2021 can ...
The Daily Northwestern

NU students help D65 5th graders turn Python code into music

Trumpet blares, fading sounds of heartbeats and a ringing alarm clock. These aren’t sound effects for a movie — rather, for ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
SecurityWeek

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild.

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...