CNX Software

Converting a disposable vape into a web server

BogdanTheGeek has managed to run a web server on a disposable vape powered by a cheap Puya PY32 Arm Cortex-M0+ ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...

PyPI invalidates tokens stolen in GhostAction supply chain attack

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...
SecurityWeek

ChatGPT Targeted in Server-Side Data Theft Attack

The attack, dubbed ShadowLeak, targeted ChatGPT’s Deep Research capability, which is designed to conduct multi-step research ...

Your passkeys could be vulnerable to attack, and everyone - including you - must act

When a clickjack attack managed to hijack a passkey authentication ceremony, were password managers really to blame? ZDNET's investigation reveals a more complicated answer.
CSO Online

CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...
Hackaday

This Week In Security: The Shai-Hulud Worm, ShadowLeak, And Inside The Great Firewall

Hardly a week goes by that there isn’t a story to cover about malware getting published to a repository. Last week it was ...