Dark Reading

Chinese APTs Hacking Asian Orgs With High-End Malware

Advanced persistent threat (APT) groups have deployed new tools against a variety of targets, highlighting the increasing ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

149 Million Usernames and Passwords Exposed by Unsecured Database

This “dream wish list for criminals” includes millions of Gmail, Facebook, banking logins, and more. The researcher who ...

Act Now—48 Million Gmail Usernames And Passwords Leaked Online

Are your Gmail login credentials amongst the 48 million estimated as exposed in this leak of existing infostealer logs — here's what you need to know.

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...

Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized ...

Poland’s energy grid was targeted by never-before-seen wiper malware

Researchers on Friday said that Poland’s electric grid was targeted by wiper malware, likely unleashed by Russia state ...
PCMag

These Free VPNs, Proxies Used by Criminals to Hijack Users' Connections

Google seizes domains used by the IPIDEA proxy network, which sold access to devices compromised through free VPNs, proxy services, and mobile apps.