Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...
Hackaday

21st Century Punch Cards Are 3D Printed And Read By OpenCV

While a punch card is perhaps the lowest-density storage medium available, it has some distinct advantages. As [Bitroller] ...
Fireship on MSN

How a 732-byte Python script exploited Linux

A 732-byte Python script has uncovered a significant vulnerability in the Linux kernel, affecting users worldwide. Explore ...

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Microsoft Reveals How One Hacked Identity Triggered a Massive Cloud-Wide Breach

Microsoft says Storm-2949 used one hacked identity to infiltrate cloud systems, steal sensitive data, and spread across Azure ...
Hackaday

Mixapps: The Mixtape Of The Internet Age

Mixtapes used to be a way that we cultivated a personal selection of music for our own enjoyment, or to give as gifts to ...
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...