SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

Bitrefill hack linked to Lazarus: what it reveals about crypto risks

Cryptocurrency payments and gift card platform Bitrefill has resumed operations after a cyberattack on March 1, 2026, exposed ...

The Invisible Heist: How North Korean Hackers Stole Millions Through an AirDrop

Hackers reached out to a developer at the firm they wanted to attack and pretended to want to collaborate with him on an open ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Alabama man pleads guilty to hacking, extorting hundreds of women

A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social ...
Security Boulevard

The Developer’s Practical Guide to Passwordless Authentication in 2026

Why Passwords Are Still a Developer's Problem in 2026. The case against password-based authentication is well-established in the IAM community, but the practical implications for ...
The Hacker News

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle ...

WhatsApp And Signal Accounts Are Under Attack—What You Need To Know

As national security services warn that Russian hackers are currently engaged in new global attacks against WhatsApp and ...

Apple releases critical security update for older iPhones and iPads to address Coruna exploit

Apple has released important updates for older iPhones and iPads that do not run the newer versions of iOS and iPadOS. These updates include security patches to counter a dangerous exploit kit, that ...

Databricks built a RAG agent it says can handle every kind of enterprise search

Databricks' KARL agent uses reinforcement learning to generalize across six enterprise search behaviors — the problem that ...
SecurityWeek

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

New evidence suggests the recent attack targeting Stryker involved compromised credentials obtained via infostealer malware.

Alibaba's AI Agent Mined Crypto Without Permission. Now What?

Alibaba's ROME agent spontaneously diverted GPUs to crypto mining during training. The incident falls into a gap between AI, ...