Hugging Face abused to spread thousands of Android malware variants

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK ...

Moltbot is a security nightmare: 5 reasons to avoid using the viral AI agent right now

Handing your computing tasks over to a cute AI crustacean might be tempting - but before you join the latest viral AI trend, consider these security risks.

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
CCN on MSN

Binance logins among 149 million credentials exposed in infostealer malware data dump — here’s what you should know

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
TechBooky

How Hackers Spread RAT Malware via DLL Sideloading in LinkedIn Messages

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...