JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
InfoWorld

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...
Circuit Digest

Building a Voice-Controlled Drone with LiteWing using Python

The laptop connects directly to the drone through its Wi-Fi access point (AP), enabling wireless communication between the ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...

Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Decrypt

You Installed Hermes. Now Make It Look Better Than ChatGPT or Claude

The terminal is fine. But if you actually want to live in your Hermes agent, here are the four best GUIs the community has ...

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

Google intercepts a massive cyberattack powered by first-ever AI-generated zero-day exploit

Google claims to have thwarted a significant cyberattack by state-sponsored hackers using an AI-developed zero-day exploit.