CSO Online

CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

The campaign, per Proofpoint, mainly focused on individuals who specialized in international trade, economic policy, and U.S.-China relations, sending them emails spoofing the U.S.-China Business ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...

Fake military IDs, bogus résumés: How North Korean and Chinese hackers use AI tools to infiltrate companies and other targets

From bogus résumés to fake IDs, North Korean and Chinese hackers are using AI chatbots to infiltrate companies and carry out ...
Infosecurity Magazine

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use ...
How-To Geek on MSN

Python Package Index Responds to Malware Attack by Invalidating Tokens

The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...
Cybernews

Vibe coders lose crypto after installing extensions on popular marketplaces

Programmers using popular AI tools (Cursor, Windsurf, VSCode) get their crypto stolen by hackers, who infiltrate extension marketplaces.