The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Not a Kids Game: From Roblox Mod to Compromising Your Company

Seemingly harmless game mods can hide infostealer malware that quietly steals identities. Flare shows how Roblox mods can ...

Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce

A whistleblower trapped inside a “pig butchering” scam compound gave WIRED a vast trove of its internal materials—including 4 ...