The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

Hackers are now using ChatGPT share links to deliver malware

Hackers are now abusing ChatGPT to generate malicious webpages that trick unsuspecting users into downloading malware onto their machines.
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

GPU mining malware spreads via SEO poisoning, AI chatbots

Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a ...
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
Forbes

8 Best Antivirus Software

Rachel Williams has been an editor for nearly two decades. She has spent the last five years working on small business content to help entrepreneurs start and grow their businesses. She’s well-versed ...
U.Today

New 'TrapDoor' Virus Steals Crypto Wallets: Solana, DeFi, AI Developers Under Threat

Blockchain security firm SlowMist warns of a cross-registry supply chain campaign targeting developers in the Solana, decentralized finance, and AI sectors to siphon private keys.