The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...
GitHub

Cross-platform Python playback library for Azure Kinect MKV files.

In order to load an MKV file, it is necessary to create a new instance of the OpenK4APlayback class. Note that if the is_looping flag is set, the stream will not stop ...

Anduril launches global AI drone race with $500K prize, jobs in Ohio

Anduril launched the AI Grand Prix, a global drone racing competition offering $500,000 and jobs to top software talent.
InfoWorld

4 self-contained databases for your apps

SQLite has its place, but it’s not fit for every occasion. Learn how to set up install-free versions of MariaDB, PostgreSQL MongoDB, and Redis for your development needs.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
Dark Reading

Second Round of Critical RCE Bugs in n8n Spikes Corporate Risk

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...