The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Chainlit AI framework bugs let hackers breach cloud environments

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...

Web skimming attacks target major payment networks

Web skimming campaigns use obfuscated JavaScript code to steal credit card data from checkout pages without detection by ...

Hacking the grid: How digital sabotage turns infrastructure into a weapon

The US used a cyberattack to turn off power in Caracas during the raid to seize Maduro. The US grid is also vulnerable to ...
The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
SecurityWeek

‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing

The Stanley website-spoofing malware toolkit displays legitimate URLs in the address bar while serving phishing pages to ...
CNX Software

M5MonsterC5 hacking tool adds ESP32-C5 and 5 GHz Wi-Fi 6 support to M5Stack Cardputer ADV and Tab5

Developed by Laboratorium in Poland, the M5MonsterC5 is an ESP32-C5-based "Marauder" hacking tool designed to work with M5Stack Cardputer ADV or M5Stack ...