The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
WinBuzzer

ChatGPT Containers Gain Bash Support and Multi-Language Code

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.
Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...
GitHub

Execute PowerShell scripts or commands silently with no console window

QuietShell is a command-line application for headless PowerShell execution supporting both in-process runspaces and out-of-process execution models. QuietShell eliminates console window visibility ...