The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...
SecurityWeek

Cursor AI Vulnerability Exposed Developer Devices

NomShub, a vulnerability chain in Cursor AI, allowed attackers to achieve persistent access to systems via indirect prompt ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Shell’s India LNG Push Tests Cash Flow And Contract Resilience

Shell rapidly increased LNG supplies to India in response to disruptions in West Asia. The company secured the majority of Indian fertilizer sector LNG tenders in the latest round. Shell recorded its ...
Network World

Lumen: Upstream network visibility is enterprise security’s new front line

Lumen focuses on telemetry from the internet backbone, where the largest ISPs interconnect, to reveal attack patterns that ...
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...
MUO on MSN

This PowerShell command lists every startup app Windows doesn't show you

I ran one command and found startup apps Windows “forgot” to mention.

OMV Bulgaria EV Network Tests Future Of Retail And Mobility

OMV Bulgaria has rolled out a new electric vehicle charging network at 21 sites. The move adds EV infrastructure to OMV's ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Computer Weekly

North Korean social engineering campaign targets macOS users

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...
EUobserver

Who will make up Magyar’s new Hungarian government? Meet the team shaping up to be Tisza’s first cabinet

As Péter Magyar prepares to take the helm of Hungary on 9 May, the era of "super-ministries" and party loyalists is being ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...