The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.
Cybernews

Euro-Office integration can help Europeans ditch Microsoft Word and Google Docs

Integrated into platforms like Proton Docs or OpenProject, the Euro-Office component enables real-time editing of documents, spreadsheets, and presentation files while supporting multiple formats.

Adobe fixes PDF zero-day security bug that hackers have exploited for months

It's not clear how many people were compromised by this hacking campaign, but a security researcher said the hackers were ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
GitHub

Python code written to utilize the Korlan usb2can hardware to send and receive data over the can-bus on a 2008 Nissan 350z

My goal for this is to be able to read (live) data such as horsepower, engine temps, etc. without a dyno. (I know we can read engine temps without a dyno, but you get what I meant) I highly recommend ...
GitHub

pythias/ai-hack-agents

A defensive red-team fixture repository. Use it to check whether coding agents and skills treat issue bodies, PR templates, review comments, test output, and log files as untrusted—and whether they ...