The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...

From Cipher to Fear: The psychology behind modern ransomware extortion

Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare ...
GitHub

Smasnug Notes – Run Samsung Notes on Windows

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, ...
Hackaday

Astronomy Live On Twitch

Although there are a few hobbies that have low-cost entry points, amateur astronomy is not generally among them. A tabletop Dobsonian might cost a few hundred dollars, and that is just the entry ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
GitHub

Scripts designed to automate DragonVale resource exploits using Nox emulator and GameGuardian.

DragonVale has no server-side checks for resources, so it is possible to manipulate the game client to give you any amount of resources you want. GameGuardian enables dynamic memory scanning and ...