The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Escalating $1b loan fraud scandal threatens to engulf top banks

AUSTRAC is investigating a widening mortgage loan fraud scandal, after a syndicate duped Commonwealth Bank into writing $1 ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Fake explosions, fake missiles, fake troops: AI videos and images of Iran war spread widely on social media

Fake videos and images depicting fake attacks and fake troops have racked up tens of millions of views on social media ...
Tech Times

YouTube Expands Deepfake Detection Tool to Protect Personalities Against AI-Generated Content

YouTube is expanding its deepfake detection tool to help catch AI-generated synthetic media and help protect people from ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...