GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
Infosecurity Magazine

What CISOs Should Know (And Do) About OpenClaw

Infosecurity spoke to several experts to explore what CISOs should do to contain the viral AI agent tool’s security vulnerabilities ...
GitHub

Advanced Keylogger with Daily Log Rotation

A sophisticated, cross-platform keylogger written in Python with advanced features including AES-256 encryption, silent background operation, automatic startup/restart capabilities, and daily log ...
Deadline.com

Jeff Shell Intends To “Strongly Respond” To Threatened Lawsuit Over Insider Corporate Information

EXCLUSIVE: Paramount president Jeff Shell intends to fight back against a threatened lawsuit from a former longtime associate over the alleged misuse and disclosure of confidential corporate ...
CNBC

Cybersecurity stocks drop for a second day as new Anthropic tool fuels AI disruption fears

Cybersecurity stocks dropped for a second day as the threat of AI loomed large with Anthropic's latest AI tool that can scan code for vulnerabilities. Investors are worried new artificial intelligence ...
IEEE

Fixed-Time Output-Feedback Control for Multi-Spacecraft Pursuit-Evasion Game with Incomplete Information via Adaptive Dynamic Programming

Abstract: This paper proposes a fixed-time output-feedback approximate optimal control strategy for the multi-pursuer single-evader game, addressing challenges of incomplete information, unknown ...
Dark Reading

Attackers Use New Tool to Scan for React2Shell Exposure

New data suggests a cyber espionage group is laying the groundwork for attacks against major industries. The "React2Shell" vulnerability is already almost a few months old, but it's far from over. An ...