The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
Arabian Post

AI commit opens crypto wallet risk

A malicious npm dependency slipped into an AI-assisted crypto trading project has exposed how automated coding tools can be manipulated into importing software that steals credentials, wallet data and ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

Severe Linux Copy Fail security flaw uncovered using AI scanning help

Copy Fail was identified by Theori’s researchers with assistance from their Xint Code AI tool. According to a blog post, ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...