SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.
SecurityWeek

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

New evidence suggests the recent attack targeting Stryker involved compromised credentials obtained via infostealer malware.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

875 Million Android Phones Put At Risk From This 60 Second Hack

One in 4 Android phones potentially affected by a staggering security vulnerability that allowed hackers to access locked and protected handsets in less than 60 seconds.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Apple releases critical security update for older iPhones and iPads to address Coruna exploit

Apple has released important updates for older iPhones and iPads that do not run the newer versions of iOS and iPadOS. These updates include security patches to counter a dangerous exploit kit, that ...
PCMag on MSN

US Helps Shut Down Proxy Service Used to Hack Thousands of Routers

SocksEscort sold proxy services on the open web, but was actually routing traffic through compromised routers and internet-connected devices.