The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...

2.8 Billion Credentials Stolen As Password Attacks Surge

A surge in password-related cybercrime throughout 2025 has seen not only 2.8 billion credentials stolen, but macOS ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

You can now protect your ChatGPT account with a special USB-key

OpenAI's new Advanced Account Security lets you ditch passwords entirely and lock your ChatGPT account with a physical USB key — and it's available right now.

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
PCMag on MSN

OpenAI's Advanced Account Protection Dumps Passwords for Security Keys

OpenAI's new 'Advanced Account Security' mode is for users looking for top-tier account protection, and requires either ...