SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...

U.S. government warns of severe CopyFail bug affecting major versions of Linux

U.S. cybersecurity agency CISA says the CopyFail bug is being actively used in hacking campaigns, and poses a major risk to servers and datacenters that rely on Linux.
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
The Hacker News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.
Dark Reading

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud ...
OSTechNix

How to Fix Copy Fail (CVE-2026-31431) Vulnerability on Ubuntu and Linux Mint

Learn how to fix Copy Fail (CVE-2026-31431) in Ubuntu and Linux Mint. Copy Fail vulnerability allows any local user gain root ...
SecurityWeek

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

Claude AI guided a threat actor toward OT ICS SCADA systems in an attack on a water and drainage utility in Mexico.
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Pink Power Ranger-clad hacker uses AI to shut down neo-Nazi dating sites and white supremacist 'sperm and egg donor' platform

While the biggest dating platforms generally aim to unite people regardless of their identity or heritage, the internet hides ...