The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
MUO on MSN

Android's Linux terminal is so good that I keep finding new reasons not to open my PC

I keep reaching for my phone, and it’s not for scrolling.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
SecurityWeek

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months. Southeast Asian military organizations have been targeted in a China-linked ...
VentureBeat

What the OpenClaw moment means for enterprises: 5 big takeaways

Credit: VentureBeat made with OpenAI GPT-Image-1.5 The "OpenClaw moment" represents the first time autonomous AI agents have successfully "escaped the lab" and moved into the hands of the general ...
Bleeping Computer

Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. The attacks were spotted ...