The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
GovInfoSecurity

Russia's Unit 26165 Resumes High-End Malware Campaigns

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...
GitHub

Arc Raiders Hack Scripts for Professional Gamers

The world of ARC Raiders is not gentle. Steel rains from the sky, machines whisper death in the fog, and every expedition is a quiet negotiation with risk. The Arc Raiders Mod Menu exists for those ...
SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Check Point researchers discovered serious vulnerabilities in Anthropic’s Claude Code tool that could have allowed attackers to silently gain control of a developer’s computer. The security firm began ...
The Hacker News

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North ...