The Hacker News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.

Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
CSO Online

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

Linux cryptographic code flaw offers fast route to root

Developers of major Linux distributions have begun shipping patches to address a local privilege escalation (LPE) ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

Do we even need Anthropic or OpenAI's top models, or can we get away with a smaller local model? Sure, it might be slower, ...