The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

I built an AI poem generator. I wasn’t prepared for how people would use it

To put that theory into practice, I teamed up with my friend Jared Bauman, built an AI-powered poem generator, and released ...

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to data networks, DNS has become a core part of how phones work. Google explains ...

Robbins ‘was bullied into clearing Mandelson appointment’

No 10 put the Foreign Office under “constant pressure” to clear Lord Mandelson for the appointment of US ambassador, Sir Olly Robbins has said. The former top civil servant at ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Hackaday

An LLM From “Scratch”

Reading a book about bowling is not the same as actually bowling. If that resonates with you and you want to learn more about ...
Hackaday

Building An IBM PCjr BIOS From Source Using Original Printed Source Code

As unloved as IBM’s PCjr was, with only a one-year production run, it’s hard to complain about the documentation available ...
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
pv magazine International

EU moves to restrict funding for projects using inverters from high-risk suppliers

The EU is moving forward with a plan to restrict funding for PV projects using inverters from high-risk suppliers, citing cybersecurity concerns and issuing new guidance to phase them out. A ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...