The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

Not a whistleblower, just a student asking why: Story of Sarthak Sidhant who raised concerns about CBSE's discrepancies

Eighteen-year-old Sarthak Siddhant, a student, used basic tools to look closely at CBSE's new on-screen marking system. He ...
Naples Daily News on MSN

Python egg hunt: Florida elimination program adds new reward category

The South Florida Water Management District is now rewarding hunters for removing python eggs and active nests from the ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Webcam-hacking Minecraft malware is disguising itself as mods, and it's infected thousands of PCs

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...